vyzva ke změně hesla seznam

Zpráva

Andycasnochova · #1 Příspěvek od **Andycasnochova** » 13 bře 2016 13:28

Dobrý den,
prosím o pomoc s řešení problému s pravděpodobnou nákazou mého notebooku. Když se přihlašuji totiž na email, vyskakuje mi stránka pro změnu hesla na emailu.

Předem děkuji.
Přeji hezký den

#2 Příspěvek od **Márty84** » 13 bře 2016 20:16

Zdravim

Dela to ve vsech prohlizecich?

Stahnete AdwCleaner https://toolslib.net/downloads/finish/1/ a ulozte ho na plochu.
Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Kliknete na Scan a pockejte, az kontrola dobehne.
Pak kliknete na Cleaning
Program zacne pracovat (muze dojit k restartu pc) a vyplivne log (pripadne bude zde C:\Program Files (x86)\AdwCleaner\AdwCleaner[C?].txt ). Ten mi sem zkopirujte.

Andycasnochova · #3 Příspěvek od **Andycasnochova** » 13 bře 2016 21:37

Chová se to stejně v různých prohlížečích

# AdwCleaner v5.102 - Logfile created 13/03/2016 at 21:12:50
# Updated 13/03/2016 by Xplode
# Database : 2016-03-13.2 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : Home - HOME-NB
# Running from : C:\Users\Home\Desktop\adwcleaner_5.102.exe
# Option : Clean
# Support : http://toolslib.net/forum

***** [ Services ] *****

***** [ Folders ] *****

[-] Folder Deleted : C:\Program Files (x86)\LSHunter.TV
[-] Folder Deleted : C:\Program Files (x86)\WebSpades
[J] Folder Not Deleted : C:\Program Files (x86)\WebSpades
[-] Folder Deleted : C:\ProgramData\apn
[-] Folder Deleted : C:\ProgramData\Ask
[-] Folder Deleted : C:\Users\Home\AppData\Local\apn
[-] Folder Deleted : C:\Users\Home\AppData\Local\VNT
[-] Folder Deleted : C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
[-] Folder Deleted : C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\clkckblnmlbemmgefidhlmjcfboijafe
[-] Folder Deleted : C:\Users\Home\AppData\Local\Temp\apn
[-] Folder Deleted : C:\Users\Home\AppData\LocalLow\FreeHD-Sport TV V9.0
[-] Folder Deleted : C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LSHunter.TV

***** [ Files ] *****

[-] File Deleted : C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ndibdjnfmopecpmkdieinmbadjfpblof_0.localstorage
[-] File Deleted : C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_clkckblnmlbemmgefidhlmjcfboijafe_0.localstorage
[-] File Deleted : C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_clkckblnmlbemmgefidhlmjcfboijafe_0.localstorage-journal
[-] File Deleted : C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_clkckblnmlbemmgefidhlmjcfboijafe_0
[-] File Deleted : C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\clkckblnmlbemmgefidhlmjcfboijafe
[-] File Deleted : C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_cdncache-a.akamaihd.net_0.localstorage
[-] File Deleted : C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_cdncache-a.akamaihd.net_0.localstorage-journal
[-] File Deleted : C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_ciuvo.com_0.localstorage
[-] File Deleted : C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_ciuvo.com_0.localstorage-journal
[-] File Deleted : C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_hdapp1008-a.akamaihd.net_0.localstorage
[-] File Deleted : C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_hdapp1008-a.akamaihd.net_0.localstorage-journal
[-] File Deleted : C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_inst.shoppingate.info_0.localstorage
[-] File Deleted : C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_inst.shoppingate.info_0.localstorage-journal
[-] File Deleted : C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_pstatic.bestpriceninja.com_0.localstorage
[-] File Deleted : C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_pstatic.bestpriceninja.com_0.localstorage-journal
[-] File Deleted : C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_pstatic.eshopcomp.com_0.localstorage
[-] File Deleted : C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_pstatic.eshopcomp.com_0.localstorage-journal
[-] File Deleted : C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_www.superfish.com_0.localstorage
[-] File Deleted : C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_www.superfish.com_0.localstorage-journal
[-] File Deleted : C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_api.ciuvo.com_0.localstorage
[-] File Deleted : C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_api.ciuvo.com_0.localstorage-journal
[-] File Deleted : C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_cdncache-a.akamaihd.net_0.localstorage
[-] File Deleted : C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_cdncache-a.akamaihd.net_0.localstorage-journal
[-] File Deleted : C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_pstatic.bestpriceninja.com_0.localstorage
[-] File Deleted : C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_pstatic.bestpriceninja.com_0.localstorage-journal
[-] File Deleted : C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_pstatic.eshopcomp.com_0.localstorage
[-] File Deleted : C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_pstatic.eshopcomp.com_0.localstorage-journal
[-] File Deleted : C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage
[-] File Deleted : C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage-journal
[-] File Deleted : C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_wlogin.icq.com_0.localstorage
[-] File Deleted : C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_wlogin.icq.com_0.localstorage-journal
[-] File Deleted : C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
[-] File Deleted : C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal
[-] File Deleted : C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\17d8janp.default\extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}.xpi
[-] File Deleted : C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\17d8janp.default\searchplugins\Askcom.xml
[-] File Deleted : C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\17d8janp.default\searchplugins\buenosearch.xml
[-] File Deleted : C:\windows\SysNative\drivers\wStLibG64.sys

***** [ DLLs ] *****

***** [ Shortcuts ] *****

***** [ Scheduled tasks ] *****

[-] Task Deleted : 711bd280-00bb-4a68-b469-95176701eb0f-1
[-] Task Deleted : 711bd280-00bb-4a68-b469-95176701eb0f-2
[-] Task Deleted : 711bd280-00bb-4a68-b469-95176701eb0f-3
[-] Task Deleted : 711bd280-00bb-4a68-b469-95176701eb0f-4
[-] Task Deleted : 711bd280-00bb-4a68-b469-95176701eb0f-5
[-] Task Deleted : 711bd280-00bb-4a68-b469-95176701eb0f-1
[-] Task Deleted : 711bd280-00bb-4a68-b469-95176701eb0f-2
[-] Task Deleted : 711bd280-00bb-4a68-b469-95176701eb0f-3
[-] Task Deleted : 711bd280-00bb-4a68-b469-95176701eb0f-4
[-] Task Deleted : 711bd280-00bb-4a68-b469-95176701eb0f-5

***** [ Registry ] *****

[-] Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\acfoobbgoakpihljnfedbcfaipcdlfhk
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{b74051f8-900f-4df2-aa94-18a56cc70fe5}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{0BDDE35F-64F7-49C3-99B2-404E899C49F7}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{24236608-609C-42C5-B13C-A8A3EC921850}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{28B1A706-4B97-4EB1-8B32-125042685AD9}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{33575A26-D9CF-40C6-8A3E-116F17201C7F}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4BDFD19F-93D7-49CE-B554-5C215FDC0136}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{7307CF0F-7173-4FBF-8649-B149916DD322}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{80A5E38C-5F6B-485F-BD97-0B5BE991FAD5}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9544D727-A26F-4D57-AF38-4496088640EA}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{AC4C30BF-7D5F-4EAB-9C2A-454178F079AA}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{BC6F9C26-93EA-4C6D-A4A7-C1FA333B4BBE}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E975527B-ABE7-40B3-B5C1-385016913E3B}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EFA4B5B1-6C76-4B20-BCDB-D41A93E79053}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{b74051f8-900f-4df2-aa94-18a56cc70fe5}
[-] Key Deleted : HKCU\Software\1ClickDownload
[-] Key Deleted : HKCU\Software\InstalledBrowserExtensions
[-] Key Deleted : HKCU\Software\VNT
[-] Key Deleted : HKCU\Software\WebSpades
[-] Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
[-] Key Deleted : HKLM\SOFTWARE\InstalledBrowserExtensions
[-] Key Deleted : HKLM\SOFTWARE\WebSpades
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\1ClickDownload
[-] Key Deleted : [x64] HKLM\SOFTWARE\InstalledBrowserExtensions
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WebSpades
[-] Key Deleted : HKU\.DEFAULT\Software\AskPartnerNetwork
[-] Data Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Data Restored : HKU\S-1-5-21-1442193037-2828335503-2539238179-1001\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B2C9BC42-C5B7-4AAB-AAD2-B81A168E4370}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Shared Tools\MsConfig\StartupReg\ApnTBMon
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Shared Tools\MsConfig\StartupReg\VNT

***** [ Web browsers ] *****

[-] [C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\17d8janp.default\prefs.js] [Preference] Deleted : user_pref("browser.search.order.1", "Ask.com");
[-] [C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\17d8janp.default\prefs.js] [Preference] Deleted : user_pref("extensions.aaba3db73c9bd47b399c1ebaf0b0b87adc43641375195433981ddebf2e8579728com51386.51386.internaldb.monetization_plugin_bundledUrls.value", "%7B%22dealply_s%22%3A%7B%22urls%22%3A%5B%22ssf[...]
[-] [C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\17d8janp.default\prefs.js] [Preference] Deleted : user_pref("extensions.ajackiegraveshotmailcom62128.62128.internaldb.monetization_plugin_bundledUrls.value", "%7B%22dealply_s%22%3A%7B%22urls%22%3A%5B%22ssfiles.com%22%5D%7D%2C%22dealply_p%22%3A%7B%22u[...]
[-] [C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\17d8janp.default\prefs.js] [Preference] Deleted : user_pref("extensions.buenosearch.admin", false);
[-] [C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\17d8janp.default\prefs.js] [Preference] Deleted : user_pref("extensions.buenosearch.aflt", "babsst");
[-] [C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\17d8janp.default\prefs.js] [Preference] Deleted : user_pref("extensions.buenosearch.appId", "{37EB75F2-7392-4DBE-B5AD-147EC6D7BF5F}");
[-] [C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\17d8janp.default\prefs.js] [Preference] Deleted : user_pref("extensions.buenosearch.autoRvrt", "false");
[-] [C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\17d8janp.default\prefs.js] [Preference] Deleted : user_pref("extensions.buenosearch.bbDpng", "22");
[-] [C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\17d8janp.default\prefs.js] [Preference] Deleted : user_pref("extensions.buenosearch.cntry", "CZ");
[-] [C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\17d8janp.default\prefs.js] [Preference] Deleted : user_pref("extensions.buenosearch.dfltLng", "en");
[-] [C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\17d8janp.default\prefs.js] [Preference] Deleted : user_pref("extensions.buenosearch.excTlbr", false);
[-] [C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\17d8janp.default\prefs.js] [Preference] Deleted : user_pref("extensions.buenosearch.ffxUnstlRst", true);
[-] [C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\17d8janp.default\prefs.js] [Preference] Deleted : user_pref("extensions.buenosearch.hdrMd5", "40833B1D9349480E476073BB6E9E6B55");
[-] [C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\17d8janp.default\prefs.js] [Preference] Deleted : user_pref("extensions.buenosearch.id", "7c4e86d40000000000009439e5d9859d");
[-] [C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\17d8janp.default\prefs.js] [Preference] Deleted : user_pref("extensions.buenosearch.instlDay", "16180");
[-] [C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\17d8janp.default\prefs.js] [Preference] Deleted : user_pref("extensions.buenosearch.instlRef", "sst");
[-] [C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\17d8janp.default\prefs.js] [Preference] Deleted : user_pref("extensions.buenosearch.lastB", "hxxp://www.buenosearch.com/?babsrc=HP_ss&mntrI ... 3&tsp=5223");
[-] [C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\17d8janp.default\prefs.js] [Preference] Deleted : user_pref("extensions.buenosearch.lastVrsnTs", "1.8.28.723:41:51");
[-] [C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\17d8janp.default\prefs.js] [Preference] Deleted : user_pref("extensions.buenosearch.newTab", false);
[-] [C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\17d8janp.default\prefs.js] [Preference] Deleted : user_pref("extensions.buenosearch.prdct", "buenosearch");
[-] [C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\17d8janp.default\prefs.js] [Preference] Deleted : user_pref("extensions.buenosearch.prtnrId", "buenosearch");
[-] [C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\17d8janp.default\prefs.js] [Preference] Deleted : user_pref("extensions.buenosearch.rvrt", "false");
[-] [C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\17d8janp.default\prefs.js] [Preference] Deleted : user_pref("extensions.buenosearch.sg", "tzb");
[-] [C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\17d8janp.default\prefs.js] [Preference] Deleted : user_pref("extensions.buenosearch.smplGrp", "none");
[-] [C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\17d8janp.default\prefs.js] [Preference] Deleted : user_pref("extensions.buenosearch.tb_url", "hxxp://www.buenosearch.com/?q={searchTerms}&ba ... 3&tsp=5223");
[-] [C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\17d8janp.default\prefs.js] [Preference] Deleted : user_pref("extensions.buenosearch.tlbrId", "base");
[-] [C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\17d8janp.default\prefs.js] [Preference] Deleted : user_pref("extensions.buenosearch.tlbrSrchUrl", "hxxp://www.buenosearch.com/?q={searchTerms}&ba ... 3&tsp=5223");
[-] [C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\17d8janp.default\prefs.js] [Preference] Deleted : user_pref("extensions.buenosearch.vrsn", "1.8.28.7");
[-] [C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\17d8janp.default\prefs.js] [Preference] Deleted : user_pref("extensions.buenosearch.vrsnTs", "1.8.28.723:41:51");
[-] [C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\17d8janp.default\prefs.js] [Preference] Deleted : user_pref("extensions.buenosearch.vrsni", "1.8.28.7");
[-] [C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\17d8janp.default\prefs.js] [Preference] Deleted : user_pref("extensions.crossrider.bic", "14581167cd4deca4c70de2218ac5429a");
[-] [C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\17d8janp.default\prefs.js] [Preference] Deleted : user_pref("network.hxxp.request.max-start-delay", 0);
[-] [C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\17d8janp.default\user.js] [Preference] Deleted : user_pref("extensions.buenosearch.tlbrSrchUrl", "hxxp://www.buenosearch.com/?q={searchTerms}&ba ... 3&tsp=5223");
[-] [C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\17d8janp.default\user.js] [Preference] Deleted : user_pref("extensions.buenosearch.tb_url", "hxxp://www.buenosearch.com/?q={searchTerms}&ba ... 3&tsp=5223");
[-] [C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\17d8janp.default\user.js] [Preference] Deleted : user_pref("extensions.buenosearch.id", "7c4e86d40000000000009439e5d9859d");
[-] [C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\17d8janp.default\user.js] [Preference] Deleted : user_pref("extensions.buenosearch.appId", "{37EB75F2-7392-4DBE-B5AD-147EC6D7BF5F}");
[-] [C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\17d8janp.default\user.js] [Preference] Deleted : user_pref("extensions.buenosearch.instlDay", "16180");
[-] [C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\17d8janp.default\user.js] [Preference] Deleted : user_pref("extensions.buenosearch.vrsn", "1.8.28.7");
[-] [C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\17d8janp.default\user.js] [Preference] Deleted : user_pref("extensions.buenosearch.vrsni", "1.8.28.7");
[-] [C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\17d8janp.default\user.js] [Preference] Deleted : user_pref("extensions.buenosearch.vrsnTs", "1.8.28.723:41:51");
[-] [C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\17d8janp.default\user.js] [Preference] Deleted : user_pref("extensions.buenosearch.prtnrId", "buenosearch");
[-] [C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\17d8janp.default\user.js] [Preference] Deleted : user_pref("extensions.buenosearch.prdct", "buenosearch");
[-] [C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\17d8janp.default\user.js] [Preference] Deleted : user_pref("extensions.buenosearch.aflt", "babsst");
[-] [C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\17d8janp.default\user.js] [Preference] Deleted : user_pref("extensions.buenosearch.smplGrp", "none");
[-] [C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\17d8janp.default\user.js] [Preference] Deleted : user_pref("extensions.buenosearch.tlbrId", "base");
[-] [C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\17d8janp.default\user.js] [Preference] Deleted : user_pref("extensions.buenosearch.instlRef", "sst");
[-] [C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\17d8janp.default\user.js] [Preference] Deleted : user_pref("extensions.buenosearch.dfltLng", "en");
[-] [C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\17d8janp.default\user.js] [Preference] Deleted : user_pref("extensions.buenosearch.excTlbr", false);
[-] [C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\17d8janp.default\user.js] [Preference] Deleted : user_pref("extensions.buenosearch.ffxUnstlRst", true);
[-] [C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\17d8janp.default\user.js] [Preference] Deleted : user_pref("extensions.buenosearch.admin", false);
[-] [C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\17d8janp.default\user.js] [Preference] Deleted : user_pref("extensions.buenosearch.autoRvrt", "false");
[-] [C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\17d8janp.default\user.js] [Preference] Deleted : user_pref("extensions.buenosearch.rvrt", "false");
[-] [C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\17d8janp.default\user.js] [Preference] Deleted : user_pref("extensions.buenosearch.newTab", false);
[-] [C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\17d8janp.default\user.js] [Preference] Deleted : user_pref("network.hxxp.request.max-start-delay", 0);
[-] [C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : ask.com
[-] [C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : ask search
[-] [C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : buenosearch.com
[-] [C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : mysearch.avg.com
[-] [C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : acfoobbgoakpihljnfedbcfaipcdlfhk
[-] [C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : bopakagnckmlgajfccecajhnimjiiedh
[-] [C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : clkckblnmlbemmgefidhlmjcfboijafe
[-] [C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : ndibdjnfmopecpmkdieinmbadjfpblof
[-] [C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : nkjddnjnldjjnbjahcinkhkchijbjcmn

*************************

:: "Tracing" keys removed
:: Winsock settings cleared

*************************

C:\Program Files (x86)\AdwCleaner\AdwCleaner[C1].txt - [21655 bytes] - [13/03/2016 21:12:50]
C:\Program Files (x86)\AdwCleaner\AdwCleaner[S1].txt - [22452 bytes] - [13/03/2016 21:08:12]

########## EOF - C:\Program Files (x86)\AdwCleaner\AdwCleaner[C1].txt - [21843 bytes] ##########

#4 Příspěvek od **Márty84** » 13 bře 2016 21:48

Vyfotte mi tu hlasku o zmene hesla.

Udelejte kontrolu s MBAM. Test nastavte podle tohoto navodu (cili Vlastni sken vsech disku) http://forum.viry.cz/viewtopic.php?f=29&t=144868 a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekce

Andycasnochova · #5 Příspěvek od **Andycasnochova** » 13 bře 2016 22:13

https://login.szn.cz/need-password-chan ... 0seznam.cz ulr je přímo ze seznamu

#6 Příspěvek od **Márty84** » 13 bře 2016 22:41

Z jineho pc/tabletu/mobilu se prihlasite?

Nejdrive pc poradne procistime, ale ta zmena hesla bude mozna nezbytna, vcetne uvedeni tel. cisla http://napoveda.seznam.cz/cz/login/vynu ... ena-hesla/ Uvidime po uplnem docisteni.

Andycasnochova · #7 Příspěvek od **Andycasnochova** » 14 bře 2016 00:01

z tabletu a mobilu s Androidem to dělá stejně, bude třebas promazat mobil či tablet nebo je to jenom v notebooku?

#8 Příspěvek od **Márty84** » 14 bře 2016 07:11

Jestli mate moznost, zkuste se prihlasit na mail z jineho pc (soused, kamarad...).

Co MBAM, uz dobehl, nebo jeste skenuje?

Andycasnochova · #9 Příspěvek od **Andycasnochova** » 14 bře 2016 08:01

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 14.3.2016
Čas skenování: 3:51
Protokol: Anti.txt
Správce: Ano

Verze: 2.2.0.1024
Databáze malwaru: v2016.03.14.01
Databáze rootkitů: v2016.03.12.01
Licence: Zkušební verze
Ochrana proti malwaru: Zapnuto
Ochrana proti škodlivým webovým stránkám: Zapnuto
Ochrana programu: Vypnuto

OS: Windows 7 Service Pack 1
CPU: x64
Souborový systém: NTFS
Uživatel: Home

Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 419209
Uplynulý čas: 29 min, 24 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 24
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{3BEE8614-4C64-4AC7-85C4-B14EBE734E96}, , [f4b57c0ba7f2bc7a1d5101008e7623dd],
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{5D3FF2C9-5C6E-45F6-82A8-E9A3D2539FEC}, , [a6035136247562d48ee1669bfb097f81],
PUP.Optional.CrossRider, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{3BEE8614-4C64-4AC7-85C4-B14EBE734E96}, , [4b5ec6c10c8d7cba115de71afb09f010],
PUP.Optional.CrossRider, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{5D3FF2C9-5C6E-45F6-82A8-E9A3D2539FEC}, , [86238403019879bdb3bcd42ddb2904fc],
PUP.Optional.Yontoo, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\Update WebSpades, , [4a5f82057a1fc96d1680fe73a06434cc],
PUP.Optional.Yontoo, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\Util WebSpades, , [496020679aff2511593d2a47b3518e72],
PUP.Optional.FreeHDSportTV, HKU\S-1-5-18\SOFTWARE\APPDATALOW\SOFTWARE\FreeHD-Sport TV V9.0, , [0e9bceb93f5ae94d5db633d5c440db25],
PUP.Optional.FreeHDSportTV, HKU\S-1-5-21-1442193037-2828335503-2539238179-1001\SOFTWARE\APPDATALOW\SOFTWARE\FreeHD-Sport TV V9.0, , [5f4aafd89504c76f8a89f5138d770af6],
PUP.Optional.CrossRider, HKU\S-1-5-21-1442193037-2828335503-2539238179-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{1F04C694-AA45-4FC8-9A2A-B96E93857518}, , [4a5f89fe7a1f2412232b30d143c1af51],
PUP.Optional.CrossRider, HKU\S-1-5-21-1442193037-2828335503-2539238179-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{209F9779-6F67-4889-AC7B-21FA2420C235}, , [5455f592d6c37cba6ee0a65b7094e21e],
PUP.Optional.CrossRider, HKU\S-1-5-21-1442193037-2828335503-2539238179-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{3BEE8614-4C64-4AC7-85C4-B14EBE734E96}, , [941571166f2a95a19eaf58a98183b64a],
PUP.Optional.CrossRider, HKU\S-1-5-21-1442193037-2828335503-2539238179-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{57E0DDB6-2A4C-4FE9-AE62-62B778CE3DE4}, , [46633e49f6a374c2e36bd52ce420629e],
PUP.Optional.CrossRider, HKU\S-1-5-21-1442193037-2828335503-2539238179-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{5D3FF2C9-5C6E-45F6-82A8-E9A3D2539FEC}, , [30796522e5b4d06690bec23f06feb050],
PUP.Optional.CrossRider, HKU\S-1-5-21-1442193037-2828335503-2539238179-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{6CD07598-2A0F-4B13-9BA9-4ABF7C986C93}, , [dccd46417623ad893817f60b42c2cd33],
PUP.Optional.CrossRider, HKU\S-1-5-21-1442193037-2828335503-2539238179-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{6DA51185-56BB-4AF3-AE66-D377A7C14DCE}, , [16931e693e5b0234ec629e6324e09967],
PUP.Optional.CrossRider, HKU\S-1-5-21-1442193037-2828335503-2539238179-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{7C78E8C7-644B-40FA-9879-F9527BA263B5}, , [b2f72b5c227742f43f0f12ef5ba9b947],
PUP.Optional.CrossRider, HKU\S-1-5-21-1442193037-2828335503-2539238179-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{8FDC7A66-8CCE-43D9-A6A3-76C9FC2049CB}, , [6841e0a77b1e290d79d6ed1406fe17e9],
PUP.Optional.CrossRider, HKU\S-1-5-21-1442193037-2828335503-2539238179-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{B1165269-5793-4622-BD58-D145413D7838}, , [6e3be0a70d8c310563ec976a61a359a7],
PUP.Optional.CrossRider, HKU\S-1-5-21-1442193037-2828335503-2539238179-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{B495E73D-4DA2-41E5-B8A8-BD3CE21363CB}, , [179246411c7d5adc95b915ec00047b85],
PUP.Optional.CrossRider, HKU\S-1-5-21-1442193037-2828335503-2539238179-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{B74051F8-900F-4DF2-AA94-18A56CC70FE5}, , [d5d425622277f640a6a9e51cb252c63a],
PUP.Optional.CrossRider, HKU\S-1-5-21-1442193037-2828335503-2539238179-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{DA5D77E1-7557-4A6C-BE57-13EA442FE998}, , [9613a4e3f7a2b77f034cc9380ff5fb05],
PUP.Optional.CrossRider, HKU\S-1-5-21-1442193037-2828335503-2539238179-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E318482B-E1E8-4F50-AEFF-DD1FA7D3656D}, , [74356324e2b756e076d913eed331cc34],
PUP.Optional.CrossRider, HKU\S-1-5-21-1442193037-2828335503-2539238179-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{F0356CB4-F30B-4A20-857F-834D44CAC667}, , [0d9cc2c5abee91a552fd2fd2669e38c8],
PUP.Optional.CrossRider, HKU\S-1-5-21-1442193037-2828335503-2539238179-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{FB266CD3-1412-4122-BAF7-88B5ADC552DA}, , [b5f45d2a6237b581b9967d8411f3da26],

Hodnoty registru: 20
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{3bee8614-4c64-4ac7-85c4-b14ebe734e96}|AppName, FreeHD-Sport TV V9.0-bg.exe, , [f4b57c0ba7f2bc7a1d5101008e7623dd]
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{5d3ff2c9-5c6e-45f6-82a8-e9a3d2539fec}|AppName, FreeHD-Sport TV V9.0-buttonutil.exe, , [a6035136247562d48ee1669bfb097f81]
PUP.Optional.CrossRider, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{3bee8614-4c64-4ac7-85c4-b14ebe734e96}|AppName, FreeHD-Sport TV V9.0-bg.exe, , [4b5ec6c10c8d7cba115de71afb09f010]
PUP.Optional.CrossRider, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{5d3ff2c9-5c6e-45f6-82a8-e9a3d2539fec}|AppName, FreeHD-Sport TV V9.0-buttonutil.exe, , [86238403019879bdb3bcd42ddb2904fc]
PUP.Optional.CrossRider, HKU\S-1-5-21-1442193037-2828335503-2539238179-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{1F04C694-AA45-4FC8-9A2A-B96E93857518}|AppName, 711bd280-00bb-4a68-b469-95176701eb0f-2.exe-buttonutil.exe, , [4a5f89fe7a1f2412232b30d143c1af51]
PUP.Optional.CrossRider, HKU\S-1-5-21-1442193037-2828335503-2539238179-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{209F9779-6F67-4889-AC7B-21FA2420C235}|AppName, 711bd280-00bb-4a68-b469-95176701eb0f-2.exe-buttonutil.exe, , [5455f592d6c37cba6ee0a65b7094e21e]
PUP.Optional.CrossRider, HKU\S-1-5-21-1442193037-2828335503-2539238179-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{3bee8614-4c64-4ac7-85c4-b14ebe734e96}|AppName, FreeHD-Sport TV V9.0-bg.exe, , [941571166f2a95a19eaf58a98183b64a]
PUP.Optional.CrossRider, HKU\S-1-5-21-1442193037-2828335503-2539238179-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{57E0DDB6-2A4C-4FE9-AE62-62B778CE3DE4}|AppName, 711bd280-00bb-4a68-b469-95176701eb0f-2.exe-buttonutil.exe, , [46633e49f6a374c2e36bd52ce420629e]
PUP.Optional.CrossRider, HKU\S-1-5-21-1442193037-2828335503-2539238179-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{5d3ff2c9-5c6e-45f6-82a8-e9a3d2539fec}|AppName, FreeHD-Sport TV V9.0-buttonutil.exe, , [30796522e5b4d06690bec23f06feb050]
PUP.Optional.CrossRider, HKU\S-1-5-21-1442193037-2828335503-2539238179-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{6CD07598-2A0F-4B13-9BA9-4ABF7C986C93}|AppName, 711bd280-00bb-4a68-b469-95176701eb0f-2.exe-codedownloader.exe, , [dccd46417623ad893817f60b42c2cd33]
PUP.Optional.CrossRider, HKU\S-1-5-21-1442193037-2828335503-2539238179-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{6DA51185-56BB-4AF3-AE66-D377A7C14DCE}|AppName, 711bd280-00bb-4a68-b469-95176701eb0f-2.exe-buttonutil.exe, , [16931e693e5b0234ec629e6324e09967]
PUP.Optional.CrossRider, HKU\S-1-5-21-1442193037-2828335503-2539238179-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{7C78E8C7-644B-40FA-9879-F9527BA263B5}|AppName, 711bd280-00bb-4a68-b469-95176701eb0f-2.exe-buttonutil.exe, , [b2f72b5c227742f43f0f12ef5ba9b947]
PUP.Optional.CrossRider, HKU\S-1-5-21-1442193037-2828335503-2539238179-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{8FDC7A66-8CCE-43D9-A6A3-76C9FC2049CB}|AppName, 711bd280-00bb-4a68-b469-95176701eb0f-2.exe-codedownloader.exe, , [6841e0a77b1e290d79d6ed1406fe17e9]
PUP.Optional.CrossRider, HKU\S-1-5-21-1442193037-2828335503-2539238179-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{B1165269-5793-4622-BD58-D145413D7838}|AppName, 711bd280-00bb-4a68-b469-95176701eb0f-2.exe-codedownloader.exe, , [6e3be0a70d8c310563ec976a61a359a7]
PUP.Optional.CrossRider, HKU\S-1-5-21-1442193037-2828335503-2539238179-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{B495E73D-4DA2-41E5-B8A8-BD3CE21363CB}|AppName, 711bd280-00bb-4a68-b469-95176701eb0f-2.exe-buttonutil.exe, , [179246411c7d5adc95b915ec00047b85]
PUP.Optional.CrossRider, HKU\S-1-5-21-1442193037-2828335503-2539238179-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{b74051f8-900f-4df2-aa94-18a56cc70fe5}|AppName, FreeHD-Sport TV V9.0-codedownloader.exe, , [d5d425622277f640a6a9e51cb252c63a]
PUP.Optional.CrossRider, HKU\S-1-5-21-1442193037-2828335503-2539238179-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{DA5D77E1-7557-4A6C-BE57-13EA442FE998}|AppName, 711bd280-00bb-4a68-b469-95176701eb0f-2.exe-codedownloader.exe, , [9613a4e3f7a2b77f034cc9380ff5fb05]
PUP.Optional.CrossRider, HKU\S-1-5-21-1442193037-2828335503-2539238179-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E318482B-E1E8-4F50-AEFF-DD1FA7D3656D}|AppName, 711bd280-00bb-4a68-b469-95176701eb0f-2.exe-codedownloader.exe, , [74356324e2b756e076d913eed331cc34]
PUP.Optional.CrossRider, HKU\S-1-5-21-1442193037-2828335503-2539238179-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{F0356CB4-F30B-4A20-857F-834D44CAC667}|AppName, 711bd280-00bb-4a68-b469-95176701eb0f-2.exe-codedownloader.exe, , [0d9cc2c5abee91a552fd2fd2669e38c8]
PUP.Optional.CrossRider, HKU\S-1-5-21-1442193037-2828335503-2539238179-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{FB266CD3-1412-4122-BAF7-88B5ADC552DA}|AppName, 711bd280-00bb-4a68-b469-95176701eb0f-2.exe-codedownloader.exe, , [b5f45d2a6237b581b9967d8411f3da26]

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 2
PUP.Optional.ASK.Gen, C:\WINDOWS\Temp\APN-Stub, , [703916710c8d37ff1ecd47c5d92a19e7],
PUP.Optional.ASK.Gen, C:\WINDOWS\Temp\APN-Stub\ATU4-V7C, , [703916710c8d37ff1ecd47c5d92a19e7],

Soubory: 48
PUP.Optional.APNToolBar, C:\Users\Home\Documents\APNSetup1.exe, , [4c5dfe893069bc7ad82f2e11c14042be],
PUP.Optional.ASK.Gen, C:\WINDOWS\Temp\APN-Stub\ATU4-V7C\Msi817c2e90-2377-469e-94ec-bb44f34a5569.log, , [703916710c8d37ff1ecd47c5d92a19e7],
PUP.Optional.ASK.Gen, C:\WINDOWS\Temp\APN-Stub\ATU4-V7C\Stb341c0a44-e19b-4733-b73e-e33100fd72a6.log, , [703916710c8d37ff1ecd47c5d92a19e7],
PUP.Optional.ASK.Gen, C:\WINDOWS\Temp\APN-Stub\ATU4-V7C\Stb6e29c989-22f2-4042-bc35-ff0e041ba540.log, , [703916710c8d37ff1ecd47c5d92a19e7],
PUP.Optional.ASK.Gen, C:\WINDOWS\Temp\APN-Stub\ATU4-V7C\Msi16a3e9c0-0368-40d1-a188-8e908229b64c.log, , [703916710c8d37ff1ecd47c5d92a19e7],
PUP.Optional.ASK.Gen, C:\WINDOWS\Temp\APN-Stub\ATU4-V7C\Msi25567afe-2a88-478a-b23a-1f2be17fa62f.log, , [703916710c8d37ff1ecd47c5d92a19e7],
PUP.Optional.ASK.Gen, C:\WINDOWS\Temp\APN-Stub\ATU4-V7C\Msi25969844-e1b4-437a-9df1-cc0c05e139d0.log, , [703916710c8d37ff1ecd47c5d92a19e7],
PUP.Optional.ASK.Gen, C:\WINDOWS\Temp\APN-Stub\ATU4-V7C\Msi341c0a44-e19b-4733-b73e-e33100fd72a6.log, , [703916710c8d37ff1ecd47c5d92a19e7],
PUP.Optional.ASK.Gen, C:\WINDOWS\Temp\APN-Stub\ATU4-V7C\Msi3b2831a0-b5da-4714-b01e-4694e3b2c2d8.log, , [703916710c8d37ff1ecd47c5d92a19e7],
PUP.Optional.ASK.Gen, C:\WINDOWS\Temp\APN-Stub\ATU4-V7C\Msi3e1f6f3e-0f68-468f-8693-ddef549c5b51.log, , [703916710c8d37ff1ecd47c5d92a19e7],
PUP.Optional.ASK.Gen, C:\WINDOWS\Temp\APN-Stub\ATU4-V7C\Msi43260f0d-456f-452c-bb88-0bef083cc5ae.log, , [703916710c8d37ff1ecd47c5d92a19e7],
PUP.Optional.ASK.Gen, C:\WINDOWS\Temp\APN-Stub\ATU4-V7C\Msi56aba6f0-4836-4548-b65d-17a26a828172.log, , [703916710c8d37ff1ecd47c5d92a19e7],
PUP.Optional.ASK.Gen, C:\WINDOWS\Temp\APN-Stub\ATU4-V7C\Msi5708eee4-d375-4eb8-92dc-66afbe83a299.log, , [703916710c8d37ff1ecd47c5d92a19e7],
PUP.Optional.ASK.Gen, C:\WINDOWS\Temp\APN-Stub\ATU4-V7C\Msi594bba24-d91a-480b-a2de-0adbd08277aa.log, , [703916710c8d37ff1ecd47c5d92a19e7],
PUP.Optional.ASK.Gen, C:\WINDOWS\Temp\APN-Stub\ATU4-V7C\Msi6a74c5aa-4886-41ac-bfbe-b361f0de17c1.log, , [703916710c8d37ff1ecd47c5d92a19e7],
PUP.Optional.ASK.Gen, C:\WINDOWS\Temp\APN-Stub\ATU4-V7C\Msi6dfe68e9-34d1-478e-93b3-b74996bcd450.log, , [703916710c8d37ff1ecd47c5d92a19e7],
PUP.Optional.ASK.Gen, C:\WINDOWS\Temp\APN-Stub\ATU4-V7C\Msi6e29c989-22f2-4042-bc35-ff0e041ba540.log, , [703916710c8d37ff1ecd47c5d92a19e7],
PUP.Optional.ASK.Gen, C:\WINDOWS\Temp\APN-Stub\ATU4-V7C\Msi7f4207d2-6084-4cb8-804f-24765abc2f59.log, , [703916710c8d37ff1ecd47c5d92a19e7],
PUP.Optional.ASK.Gen, C:\WINDOWS\Temp\APN-Stub\ATU4-V7C\Stb3b2831a0-b5da-4714-b01e-4694e3b2c2d8.log, , [703916710c8d37ff1ecd47c5d92a19e7],
PUP.Optional.ASK.Gen, C:\WINDOWS\Temp\APN-Stub\ATU4-V7C\Stb3e1f6f3e-0f68-468f-8693-ddef549c5b51.log, , [703916710c8d37ff1ecd47c5d92a19e7],
PUP.Optional.ASK.Gen, C:\WINDOWS\Temp\APN-Stub\ATU4-V7C\Stb43260f0d-456f-452c-bb88-0bef083cc5ae.log, , [703916710c8d37ff1ecd47c5d92a19e7],
PUP.Optional.ASK.Gen, C:\WINDOWS\Temp\APN-Stub\ATU4-V7C\Stb55bc7743-5da8-4b20-9a4f-83eb4ff1d2be.log, , [703916710c8d37ff1ecd47c5d92a19e7],
PUP.Optional.ASK.Gen, C:\WINDOWS\Temp\APN-Stub\ATU4-V7C\Stb56aba6f0-4836-4548-b65d-17a26a828172.log, , [703916710c8d37ff1ecd47c5d92a19e7],
PUP.Optional.ASK.Gen, C:\WINDOWS\Temp\APN-Stub\ATU4-V7C\Stb5708eee4-d375-4eb8-92dc-66afbe83a299.log, , [703916710c8d37ff1ecd47c5d92a19e7],
PUP.Optional.ASK.Gen, C:\WINDOWS\Temp\APN-Stub\ATU4-V7C\Stb594bba24-d91a-480b-a2de-0adbd08277aa.log, , [703916710c8d37ff1ecd47c5d92a19e7],
PUP.Optional.ASK.Gen, C:\WINDOWS\Temp\APN-Stub\ATU4-V7C\Stb6a74c5aa-4886-41ac-bfbe-b361f0de17c1.log, , [703916710c8d37ff1ecd47c5d92a19e7],
PUP.Optional.ASK.Gen, C:\WINDOWS\Temp\APN-Stub\ATU4-V7C\Stb6dfe68e9-34d1-478e-93b3-b74996bcd450.log, , [703916710c8d37ff1ecd47c5d92a19e7],
PUP.Optional.ASK.Gen, C:\WINDOWS\Temp\APN-Stub\ATU4-V7C\Msi914983d7-5185-4af5-a5af-2e20a1f7905a.log, , [703916710c8d37ff1ecd47c5d92a19e7],
PUP.Optional.ASK.Gen, C:\WINDOWS\Temp\APN-Stub\ATU4-V7C\Msib2d2f587-d70e-46fe-8da3-1e756acba804.log, , [703916710c8d37ff1ecd47c5d92a19e7],
PUP.Optional.ASK.Gen, C:\WINDOWS\Temp\APN-Stub\ATU4-V7C\Msic1dd5ca3-b5fd-484e-a2d7-55e009f78386.log, , [703916710c8d37ff1ecd47c5d92a19e7],
PUP.Optional.ASK.Gen, C:\WINDOWS\Temp\APN-Stub\ATU4-V7C\Msic471ce23-4fe4-4561-8e2b-a5e1474da01f.log, , [703916710c8d37ff1ecd47c5d92a19e7],
PUP.Optional.ASK.Gen, C:\WINDOWS\Temp\APN-Stub\ATU4-V7C\Msicd01fc6f-58e9-48ea-8bd7-3d3efd10e4a5.log, , [703916710c8d37ff1ecd47c5d92a19e7],
PUP.Optional.ASK.Gen, C:\WINDOWS\Temp\APN-Stub\ATU4-V7C\Msif8a6c4d7-b939-4726-a3e0-315a03d5da03.log, , [703916710c8d37ff1ecd47c5d92a19e7],
PUP.Optional.ASK.Gen, C:\WINDOWS\Temp\APN-Stub\ATU4-V7C\Stb01bfbb50-bdbe-48ac-9daf-01eeb3abd138.log, , [703916710c8d37ff1ecd47c5d92a19e7],
PUP.Optional.ASK.Gen, C:\WINDOWS\Temp\APN-Stub\ATU4-V7C\Stb16a3e9c0-0368-40d1-a188-8e908229b64c.log, , [703916710c8d37ff1ecd47c5d92a19e7],
PUP.Optional.ASK.Gen, C:\WINDOWS\Temp\APN-Stub\ATU4-V7C\Stb1a9ba4ed-4396-45ea-8a84-e3f575eeb233.log, , [703916710c8d37ff1ecd47c5d92a19e7],
PUP.Optional.ASK.Gen, C:\WINDOWS\Temp\APN-Stub\ATU4-V7C\Stb25567afe-2a88-478a-b23a-1f2be17fa62f.log, , [703916710c8d37ff1ecd47c5d92a19e7],
PUP.Optional.ASK.Gen, C:\WINDOWS\Temp\APN-Stub\ATU4-V7C\Stb25969844-e1b4-437a-9df1-cc0c05e139d0.log, , [703916710c8d37ff1ecd47c5d92a19e7],
PUP.Optional.ASK.Gen, C:\WINDOWS\Temp\APN-Stub\ATU4-V7C\Stb7f4207d2-6084-4cb8-804f-24765abc2f59.log, , [703916710c8d37ff1ecd47c5d92a19e7],
PUP.Optional.ASK.Gen, C:\WINDOWS\Temp\APN-Stub\ATU4-V7C\Stb817c2e90-2377-469e-94ec-bb44f34a5569.log, , [703916710c8d37ff1ecd47c5d92a19e7],
PUP.Optional.ASK.Gen, C:\WINDOWS\Temp\APN-Stub\ATU4-V7C\Stb8ae88b2a-db7c-45c3-b44c-9ddc762ab033.log, , [703916710c8d37ff1ecd47c5d92a19e7],
PUP.Optional.ASK.Gen, C:\WINDOWS\Temp\APN-Stub\ATU4-V7C\Stb914983d7-5185-4af5-a5af-2e20a1f7905a.log, , [703916710c8d37ff1ecd47c5d92a19e7],
PUP.Optional.ASK.Gen, C:\WINDOWS\Temp\APN-Stub\ATU4-V7C\Stbb10e8353-ef31-4fae-9dd3-365eb265a573.log, , [703916710c8d37ff1ecd47c5d92a19e7],
PUP.Optional.ASK.Gen, C:\WINDOWS\Temp\APN-Stub\ATU4-V7C\Stbb2d2f587-d70e-46fe-8da3-1e756acba804.log, , [703916710c8d37ff1ecd47c5d92a19e7],
PUP.Optional.ASK.Gen, C:\WINDOWS\Temp\APN-Stub\ATU4-V7C\Stbc1dd5ca3-b5fd-484e-a2d7-55e009f78386.log, , [703916710c8d37ff1ecd47c5d92a19e7],
PUP.Optional.ASK.Gen, C:\WINDOWS\Temp\APN-Stub\ATU4-V7C\Stbc471ce23-4fe4-4561-8e2b-a5e1474da01f.log, , [703916710c8d37ff1ecd47c5d92a19e7],
PUP.Optional.ASK.Gen, C:\WINDOWS\Temp\APN-Stub\ATU4-V7C\Stbcd01fc6f-58e9-48ea-8bd7-3d3efd10e4a5.log, , [703916710c8d37ff1ecd47c5d92a19e7],
PUP.Optional.ASK.Gen, C:\WINDOWS\Temp\APN-Stub\ATU4-V7C\Stbf8a6c4d7-b939-4726-a3e0-315a03d5da03.log, , [703916710c8d37ff1ecd47c5d92a19e7],

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)

(end)

#10 Příspěvek od **Márty84** » 14 bře 2016 08:20

Vsechny nalezy MBAM nechte odstranit. Po odstraneni a restartu pc test s MBAM zopakujte (ale tentokrat opravdu se spravnym nastavenim - tohle byl jen Sken hrozeb, ten nekontroluje cely pocitac, ja chtel Vlastni sken), at vime, jestli se to nevraci. Napiste vysledek testu a podle nej zvolim dalsi postup.

Andycasnochova

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 15.3.2016
Čas skenování: 7:21
Protokol: pokus 2.txt
Správce: Ano

Verze: 2.2.0.1024
Databáze malwaru: v2016.03.15.02
Databáze rootkitů: v2016.03.12.01
Licence: Zkušební verze
Ochrana proti malwaru: Zapnuto
Ochrana proti škodlivým webovým stránkám: Zapnuto
Ochrana programu: Vypnuto

OS: Windows 7 Service Pack 1
CPU: x64
Souborový systém: NTFS
Uživatel: Home

Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 598194
Uplynulý čas: 4 hod, 28 min, 9 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Zapnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 24
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{3BEE8614-4C64-4AC7-85C4-B14EBE734E96}, , [cd41acdc7623999d8d03689b788c5fa1],
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{5D3FF2C9-5C6E-45F6-82A8-E9A3D2539FEC}, , [0ffff692bedb2f07c5cc60a37b891fe1],
PUP.Optional.CrossRider, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{3BEE8614-4C64-4AC7-85C4-B14EBE734E96}, , [bc527b0d52478caa038d4ab943c124dc],
PUP.Optional.CrossRider, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{5D3FF2C9-5C6E-45F6-82A8-E9A3D2539FEC}, , [21ed2167079285b18f021ee5fe06df21],
PUP.Optional.Yontoo, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\Update WebSpades, , [11fda3e5aaefd6600daa294a07fd6997],
PUP.Optional.Yontoo, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\Util WebSpades, , [fd1193f58b0e7fb715a2e58e08fcf907],
PUP.Optional.FreeHDSportTV, HKU\S-1-5-18\SOFTWARE\APPDATALOW\SOFTWARE\FreeHD-Sport TV V9.0, , [e925e7a17b1e3afcf342f515db29fe02],
PUP.Optional.FreeHDSportTV, HKU\S-1-5-21-1442193037-2828335503-2539238179-1001\SOFTWARE\APPDATALOW\SOFTWARE\FreeHD-Sport TV V9.0, , [9f6ffd8ba3f6290d68cde624e420bc44],
PUP.Optional.CrossRider, HKU\S-1-5-21-1442193037-2828335503-2539238179-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{1F04C694-AA45-4FC8-9A2A-B96E93857518}, , [f41adcac4d4ca393d49c6f949470fd03],
PUP.Optional.CrossRider, HKU\S-1-5-21-1442193037-2828335503-2539238179-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{209F9779-6F67-4889-AC7B-21FA2420C235}, , [4dc1eb9de6b362d4b0c04fb46f959e62],
PUP.Optional.CrossRider, HKU\S-1-5-21-1442193037-2828335503-2539238179-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{3BEE8614-4C64-4AC7-85C4-B14EBE734E96}, , [b05e0e7a12872a0c6708758edb2909f7],
PUP.Optional.CrossRider, HKU\S-1-5-21-1442193037-2828335503-2539238179-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{57E0DDB6-2A4C-4FE9-AE62-62B778CE3DE4}, , [f91516729bfec76fb8b8ae55a3616a96],
PUP.Optional.CrossRider, HKU\S-1-5-21-1442193037-2828335503-2539238179-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{5D3FF2C9-5C6E-45F6-82A8-E9A3D2539FEC}, , [30de8305207962d49ad646bd8381d729],
PUP.Optional.CrossRider, HKU\S-1-5-21-1442193037-2828335503-2539238179-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{6CD07598-2A0F-4B13-9BA9-4ABF7C986C93}, , [d33b50388b0e52e4046d7a89877da060],
PUP.Optional.CrossRider, HKU\S-1-5-21-1442193037-2828335503-2539238179-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{6DA51185-56BB-4AF3-AE66-D377A7C14DCE}, , [8d81d1b7eeabf3435719ef14c93b26da],
PUP.Optional.CrossRider, HKU\S-1-5-21-1442193037-2828335503-2539238179-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{7C78E8C7-644B-40FA-9879-F9527BA263B5}, , [5bb3147442579f97d19f8083d33121df],
PUP.Optional.CrossRider, HKU\S-1-5-21-1442193037-2828335503-2539238179-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{8FDC7A66-8CCE-43D9-A6A3-76C9FC2049CB}, , [6aa455334a4f6acca0d142c141c32dd3],
PUP.Optional.CrossRider, HKU\S-1-5-21-1442193037-2828335503-2539238179-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{B1165269-5793-4622-BD58-D145413D7838}, , [be500f7980190630c2af907330d42ed2],
PUP.Optional.CrossRider, HKU\S-1-5-21-1442193037-2828335503-2539238179-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{B495E73D-4DA2-41E5-B8A8-BD3CE21363CB}, , [2ae4f197e2b79c9a9bd54cb72bd9fb05],
PUP.Optional.CrossRider, HKU\S-1-5-21-1442193037-2828335503-2539238179-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{B74051F8-900F-4DF2-AA94-18A56CC70FE5}, , [aa64a0e8fc9db87e5c15cc373ec65aa6],
PUP.Optional.CrossRider, HKU\S-1-5-21-1442193037-2828335503-2539238179-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{DA5D77E1-7557-4A6C-BE57-13EA442FE998}, , [eb23097fedacce680b666d96f50ff010],
PUP.Optional.CrossRider, HKU\S-1-5-21-1442193037-2828335503-2539238179-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E318482B-E1E8-4F50-AEFF-DD1FA7D3656D}, , [fc12d4b403968bab323f23e02ed6b848],
PUP.Optional.CrossRider, HKU\S-1-5-21-1442193037-2828335503-2539238179-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{F0356CB4-F30B-4A20-857F-834D44CAC667}, , [4fbf10787227ce68f47de32035cfea16],
PUP.Optional.CrossRider, HKU\S-1-5-21-1442193037-2828335503-2539238179-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{FB266CD3-1412-4122-BAF7-88B5ADC552DA}, , [868892f63861f046c6ab13f00bf908f8],

Hodnoty registru: 20
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{3bee8614-4c64-4ac7-85c4-b14ebe734e96}|AppName, FreeHD-Sport TV V9.0-bg.exe, , [cd41acdc7623999d8d03689b788c5fa1]
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{5d3ff2c9-5c6e-45f6-82a8-e9a3d2539fec}|AppName, FreeHD-Sport TV V9.0-buttonutil.exe, , [0ffff692bedb2f07c5cc60a37b891fe1]
PUP.Optional.CrossRider, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{3bee8614-4c64-4ac7-85c4-b14ebe734e96}|AppName, FreeHD-Sport TV V9.0-bg.exe, , [bc527b0d52478caa038d4ab943c124dc]
PUP.Optional.CrossRider, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{5d3ff2c9-5c6e-45f6-82a8-e9a3d2539fec}|AppName, FreeHD-Sport TV V9.0-buttonutil.exe, , [21ed2167079285b18f021ee5fe06df21]
PUP.Optional.CrossRider, HKU\S-1-5-21-1442193037-2828335503-2539238179-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{1F04C694-AA45-4FC8-9A2A-B96E93857518}|AppName, 711bd280-00bb-4a68-b469-95176701eb0f-2.exe-buttonutil.exe, , [f41adcac4d4ca393d49c6f949470fd03]
PUP.Optional.CrossRider, HKU\S-1-5-21-1442193037-2828335503-2539238179-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{209F9779-6F67-4889-AC7B-21FA2420C235}|AppName, 711bd280-00bb-4a68-b469-95176701eb0f-2.exe-buttonutil.exe, , [4dc1eb9de6b362d4b0c04fb46f959e62]
PUP.Optional.CrossRider, HKU\S-1-5-21-1442193037-2828335503-2539238179-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{3bee8614-4c64-4ac7-85c4-b14ebe734e96}|AppName, FreeHD-Sport TV V9.0-bg.exe, , [b05e0e7a12872a0c6708758edb2909f7]
PUP.Optional.CrossRider, HKU\S-1-5-21-1442193037-2828335503-2539238179-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{57E0DDB6-2A4C-4FE9-AE62-62B778CE3DE4}|AppName, 711bd280-00bb-4a68-b469-95176701eb0f-2.exe-buttonutil.exe, , [f91516729bfec76fb8b8ae55a3616a96]
PUP.Optional.CrossRider, HKU\S-1-5-21-1442193037-2828335503-2539238179-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{5d3ff2c9-5c6e-45f6-82a8-e9a3d2539fec}|AppName, FreeHD-Sport TV V9.0-buttonutil.exe, , [30de8305207962d49ad646bd8381d729]
PUP.Optional.CrossRider, HKU\S-1-5-21-1442193037-2828335503-2539238179-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{6CD07598-2A0F-4B13-9BA9-4ABF7C986C93}|AppName, 711bd280-00bb-4a68-b469-95176701eb0f-2.exe-codedownloader.exe, , [d33b50388b0e52e4046d7a89877da060]
PUP.Optional.CrossRider, HKU\S-1-5-21-1442193037-2828335503-2539238179-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{6DA51185-56BB-4AF3-AE66-D377A7C14DCE}|AppName, 711bd280-00bb-4a68-b469-95176701eb0f-2.exe-buttonutil.exe, , [8d81d1b7eeabf3435719ef14c93b26da]
PUP.Optional.CrossRider, HKU\S-1-5-21-1442193037-2828335503-2539238179-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{7C78E8C7-644B-40FA-9879-F9527BA263B5}|AppName, 711bd280-00bb-4a68-b469-95176701eb0f-2.exe-buttonutil.exe, , [5bb3147442579f97d19f8083d33121df]
PUP.Optional.CrossRider, HKU\S-1-5-21-1442193037-2828335503-2539238179-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{8FDC7A66-8CCE-43D9-A6A3-76C9FC2049CB}|AppName, 711bd280-00bb-4a68-b469-95176701eb0f-2.exe-codedownloader.exe, , [6aa455334a4f6acca0d142c141c32dd3]
PUP.Optional.CrossRider, HKU\S-1-5-21-1442193037-2828335503-2539238179-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{B1165269-5793-4622-BD58-D145413D7838}|AppName, 711bd280-00bb-4a68-b469-95176701eb0f-2.exe-codedownloader.exe, , [be500f7980190630c2af907330d42ed2]
PUP.Optional.CrossRider, HKU\S-1-5-21-1442193037-2828335503-2539238179-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{B495E73D-4DA2-41E5-B8A8-BD3CE21363CB}|AppName, 711bd280-00bb-4a68-b469-95176701eb0f-2.exe-buttonutil.exe, , [2ae4f197e2b79c9a9bd54cb72bd9fb05]
PUP.Optional.CrossRider, HKU\S-1-5-21-1442193037-2828335503-2539238179-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{b74051f8-900f-4df2-aa94-18a56cc70fe5}|AppName, FreeHD-Sport TV V9.0-codedownloader.exe, , [aa64a0e8fc9db87e5c15cc373ec65aa6]
PUP.Optional.CrossRider, HKU\S-1-5-21-1442193037-2828335503-2539238179-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{DA5D77E1-7557-4A6C-BE57-13EA442FE998}|AppName, 711bd280-00bb-4a68-b469-95176701eb0f-2.exe-codedownloader.exe, , [eb23097fedacce680b666d96f50ff010]
PUP.Optional.CrossRider, HKU\S-1-5-21-1442193037-2828335503-2539238179-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E318482B-E1E8-4F50-AEFF-DD1FA7D3656D}|AppName, 711bd280-00bb-4a68-b469-95176701eb0f-2.exe-codedownloader.exe, , [fc12d4b403968bab323f23e02ed6b848]
PUP.Optional.CrossRider, HKU\S-1-5-21-1442193037-2828335503-2539238179-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{F0356CB4-F30B-4A20-857F-834D44CAC667}|AppName, 711bd280-00bb-4a68-b469-95176701eb0f-2.exe-codedownloader.exe, , [4fbf10787227ce68f47de32035cfea16]
PUP.Optional.CrossRider, HKU\S-1-5-21-1442193037-2828335503-2539238179-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{FB266CD3-1412-4122-BAF7-88B5ADC552DA}|AppName, 711bd280-00bb-4a68-b469-95176701eb0f-2.exe-codedownloader.exe, , [868892f63861f046c6ab13f00bf908f8]

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 2
PUP.Optional.ASK.Gen, C:\WINDOWS\Temp\APN-Stub, , [e727b4d48c0dcb6baf3d1cf24fb417e9],
PUP.Optional.ASK.Gen, C:\WINDOWS\Temp\APN-Stub\ATU4-V7C, , [e727b4d48c0dcb6baf3d1cf24fb417e9],

Soubory: 51
PUP.Optional.CrossRider, C:\Program Files (x86)\AdwCleaner\FileQuarantine\C\Program Files (x86)\LSHunter.TV\LSextsetup.exe.vir, , [59b5f7916336a29487a7e9ec10f0f10f],
PUP.Optional.Sanbreel, C:\Program Files (x86)\AdwCleaner\FileQuarantine\C\Program Files (x86)\WebSpades\bin\plugins\WebSpades.CompatibilityChecker.dll.vir, , [05090484e8b181b529edde6757aa9769],
PUP.Optional.BrowseFox, C:\Program Files (x86)\AdwCleaner\FileQuarantine\C\windows\SysNative\drivers\wStLibG64.sys.vir, , [cb431474c7d2d75f0e431423af566b95],
PUP.Optional.APNToolBar, C:\Users\Home\Documents\APNSetup1.exe, , [60ae1177c9d02a0cc0e9201f857cfd03],
PUP.Optional.ASK.Gen, C:\WINDOWS\Temp\APN-Stub\ATU4-V7C\Msi817c2e90-2377-469e-94ec-bb44f34a5569.log, , [e727b4d48c0dcb6baf3d1cf24fb417e9],
PUP.Optional.ASK.Gen, C:\WINDOWS\Temp\APN-Stub\ATU4-V7C\Stb341c0a44-e19b-4733-b73e-e33100fd72a6.log, , [e727b4d48c0dcb6baf3d1cf24fb417e9],
PUP.Optional.ASK.Gen, C:\WINDOWS\Temp\APN-Stub\ATU4-V7C\Stb6e29c989-22f2-4042-bc35-ff0e041ba540.log, , [e727b4d48c0dcb6baf3d1cf24fb417e9],
PUP.Optional.ASK.Gen, C:\WINDOWS\Temp\APN-Stub\ATU4-V7C\Msi16a3e9c0-0368-40d1-a188-8e908229b64c.log, , [e727b4d48c0dcb6baf3d1cf24fb417e9],
PUP.Optional.ASK.Gen, C:\WINDOWS\Temp\APN-Stub\ATU4-V7C\Msi25567afe-2a88-478a-b23a-1f2be17fa62f.log, , [e727b4d48c0dcb6baf3d1cf24fb417e9],
PUP.Optional.ASK.Gen, C:\WINDOWS\Temp\APN-Stub\ATU4-V7C\Msi25969844-e1b4-437a-9df1-cc0c05e139d0.log, , [e727b4d48c0dcb6baf3d1cf24fb417e9],
PUP.Optional.ASK.Gen, C:\WINDOWS\Temp\APN-Stub\ATU4-V7C\Msi341c0a44-e19b-4733-b73e-e33100fd72a6.log, , [e727b4d48c0dcb6baf3d1cf24fb417e9],
PUP.Optional.ASK.Gen, C:\WINDOWS\Temp\APN-Stub\ATU4-V7C\Msi3b2831a0-b5da-4714-b01e-4694e3b2c2d8.log, , [e727b4d48c0dcb6baf3d1cf24fb417e9],
PUP.Optional.ASK.Gen, C:\WINDOWS\Temp\APN-Stub\ATU4-V7C\Msi3e1f6f3e-0f68-468f-8693-ddef549c5b51.log, , [e727b4d48c0dcb6baf3d1cf24fb417e9],
PUP.Optional.ASK.Gen, C:\WINDOWS\Temp\APN-Stub\ATU4-V7C\Msi43260f0d-456f-452c-bb88-0bef083cc5ae.log, , [e727b4d48c0dcb6baf3d1cf24fb417e9],
PUP.Optional.ASK.Gen, C:\WINDOWS\Temp\APN-Stub\ATU4-V7C\Msi56aba6f0-4836-4548-b65d-17a26a828172.log, , [e727b4d48c0dcb6baf3d1cf24fb417e9],
PUP.Optional.ASK.Gen, C:\WINDOWS\Temp\APN-Stub\ATU4-V7C\Msi5708eee4-d375-4eb8-92dc-66afbe83a299.log, , [e727b4d48c0dcb6baf3d1cf24fb417e9],
PUP.Optional.ASK.Gen, C:\WINDOWS\Temp\APN-Stub\ATU4-V7C\Msi594bba24-d91a-480b-a2de-0adbd08277aa.log, , [e727b4d48c0dcb6baf3d1cf24fb417e9],
PUP.Optional.ASK.Gen, C:\WINDOWS\Temp\APN-Stub\ATU4-V7C\Msi6a74c5aa-4886-41ac-bfbe-b361f0de17c1.log, , [e727b4d48c0dcb6baf3d1cf24fb417e9],
PUP.Optional.ASK.Gen, C:\WINDOWS\Temp\APN-Stub\ATU4-V7C\Msi6dfe68e9-34d1-478e-93b3-b74996bcd450.log, , [e727b4d48c0dcb6baf3d1cf24fb417e9],
PUP.Optional.ASK.Gen, C:\WINDOWS\Temp\APN-Stub\ATU4-V7C\Msi6e29c989-22f2-4042-bc35-ff0e041ba540.log, , [e727b4d48c0dcb6baf3d1cf24fb417e9],
PUP.Optional.ASK.Gen, C:\WINDOWS\Temp\APN-Stub\ATU4-V7C\Msi7f4207d2-6084-4cb8-804f-24765abc2f59.log, , [e727b4d48c0dcb6baf3d1cf24fb417e9],
PUP.Optional.ASK.Gen, C:\WINDOWS\Temp\APN-Stub\ATU4-V7C\Stb3b2831a0-b5da-4714-b01e-4694e3b2c2d8.log, , [e727b4d48c0dcb6baf3d1cf24fb417e9],
PUP.Optional.ASK.Gen, C:\WINDOWS\Temp\APN-Stub\ATU4-V7C\Stb3e1f6f3e-0f68-468f-8693-ddef549c5b51.log, , [e727b4d48c0dcb6baf3d1cf24fb417e9],
PUP.Optional.ASK.Gen, C:\WINDOWS\Temp\APN-Stub\ATU4-V7C\Stb43260f0d-456f-452c-bb88-0bef083cc5ae.log, , [e727b4d48c0dcb6baf3d1cf24fb417e9],
PUP.Optional.ASK.Gen, C:\WINDOWS\Temp\APN-Stub\ATU4-V7C\Stb55bc7743-5da8-4b20-9a4f-83eb4ff1d2be.log, , [e727b4d48c0dcb6baf3d1cf24fb417e9],
PUP.Optional.ASK.Gen, C:\WINDOWS\Temp\APN-Stub\ATU4-V7C\Stb56aba6f0-4836-4548-b65d-17a26a828172.log, , [e727b4d48c0dcb6baf3d1cf24fb417e9],
PUP.Optional.ASK.Gen, C:\WINDOWS\Temp\APN-Stub\ATU4-V7C\Stb5708eee4-d375-4eb8-92dc-66afbe83a299.log, , [e727b4d48c0dcb6baf3d1cf24fb417e9],
PUP.Optional.ASK.Gen, C:\WINDOWS\Temp\APN-Stub\ATU4-V7C\Stb594bba24-d91a-480b-a2de-0adbd08277aa.log, , [e727b4d48c0dcb6baf3d1cf24fb417e9],
PUP.Optional.ASK.Gen, C:\WINDOWS\Temp\APN-Stub\ATU4-V7C\Stb6a74c5aa-4886-41ac-bfbe-b361f0de17c1.log, , [e727b4d48c0dcb6baf3d1cf24fb417e9],
PUP.Optional.ASK.Gen, C:\WINDOWS\Temp\APN-Stub\ATU4-V7C\Stb6dfe68e9-34d1-478e-93b3-b74996bcd450.log, , [e727b4d48c0dcb6baf3d1cf24fb417e9],
PUP.Optional.ASK.Gen, C:\WINDOWS\Temp\APN-Stub\ATU4-V7C\Msi914983d7-5185-4af5-a5af-2e20a1f7905a.log, , [e727b4d48c0dcb6baf3d1cf24fb417e9],
PUP.Optional.ASK.Gen, C:\WINDOWS\Temp\APN-Stub\ATU4-V7C\Msib2d2f587-d70e-46fe-8da3-1e756acba804.log, , [e727b4d48c0dcb6baf3d1cf24fb417e9],
PUP.Optional.ASK.Gen, C:\WINDOWS\Temp\APN-Stub\ATU4-V7C\Msic1dd5ca3-b5fd-484e-a2d7-55e009f78386.log, , [e727b4d48c0dcb6baf3d1cf24fb417e9],
PUP.Optional.ASK.Gen, C:\WINDOWS\Temp\APN-Stub\ATU4-V7C\Msic471ce23-4fe4-4561-8e2b-a5e1474da01f.log, , [e727b4d48c0dcb6baf3d1cf24fb417e9],
PUP.Optional.ASK.Gen, C:\WINDOWS\Temp\APN-Stub\ATU4-V7C\Msicd01fc6f-58e9-48ea-8bd7-3d3efd10e4a5.log, , [e727b4d48c0dcb6baf3d1cf24fb417e9],
PUP.Optional.ASK.Gen, C:\WINDOWS\Temp\APN-Stub\ATU4-V7C\Msif8a6c4d7-b939-4726-a3e0-315a03d5da03.log, , [e727b4d48c0dcb6baf3d1cf24fb417e9],
PUP.Optional.ASK.Gen, C:\WINDOWS\Temp\APN-Stub\ATU4-V7C\Stb01bfbb50-bdbe-48ac-9daf-01eeb3abd138.log, , [e727b4d48c0dcb6baf3d1cf24fb417e9],
PUP.Optional.ASK.Gen, C:\WINDOWS\Temp\APN-Stub\ATU4-V7C\Stb16a3e9c0-0368-40d1-a188-8e908229b64c.log, , [e727b4d48c0dcb6baf3d1cf24fb417e9],
PUP.Optional.ASK.Gen, C:\WINDOWS\Temp\APN-Stub\ATU4-V7C\Stb1a9ba4ed-4396-45ea-8a84-e3f575eeb233.log, , [e727b4d48c0dcb6baf3d1cf24fb417e9],
PUP.Optional.ASK.Gen, C:\WINDOWS\Temp\APN-Stub\ATU4-V7C\Stb25567afe-2a88-478a-b23a-1f2be17fa62f.log, , [e727b4d48c0dcb6baf3d1cf24fb417e9],
PUP.Optional.ASK.Gen, C:\WINDOWS\Temp\APN-Stub\ATU4-V7C\Stb25969844-e1b4-437a-9df1-cc0c05e139d0.log, , [e727b4d48c0dcb6baf3d1cf24fb417e9],
PUP.Optional.ASK.Gen, C:\WINDOWS\Temp\APN-Stub\ATU4-V7C\Stb7f4207d2-6084-4cb8-804f-24765abc2f59.log, , [e727b4d48c0dcb6baf3d1cf24fb417e9],
PUP.Optional.ASK.Gen, C:\WINDOWS\Temp\APN-Stub\ATU4-V7C\Stb817c2e90-2377-469e-94ec-bb44f34a5569.log, , [e727b4d48c0dcb6baf3d1cf24fb417e9],
PUP.Optional.ASK.Gen, C:\WINDOWS\Temp\APN-Stub\ATU4-V7C\Stb8ae88b2a-db7c-45c3-b44c-9ddc762ab033.log, , [e727b4d48c0dcb6baf3d1cf24fb417e9],
PUP.Optional.ASK.Gen, C:\WINDOWS\Temp\APN-Stub\ATU4-V7C\Stb914983d7-5185-4af5-a5af-2e20a1f7905a.log, , [e727b4d48c0dcb6baf3d1cf24fb417e9],
PUP.Optional.ASK.Gen, C:\WINDOWS\Temp\APN-Stub\ATU4-V7C\Stbb10e8353-ef31-4fae-9dd3-365eb265a573.log, , [e727b4d48c0dcb6baf3d1cf24fb417e9],
PUP.Optional.ASK.Gen, C:\WINDOWS\Temp\APN-Stub\ATU4-V7C\Stbb2d2f587-d70e-46fe-8da3-1e756acba804.log, , [e727b4d48c0dcb6baf3d1cf24fb417e9],
PUP.Optional.ASK.Gen, C:\WINDOWS\Temp\APN-Stub\ATU4-V7C\Stbc1dd5ca3-b5fd-484e-a2d7-55e009f78386.log, , [e727b4d48c0dcb6baf3d1cf24fb417e9],
PUP.Optional.ASK.Gen, C:\WINDOWS\Temp\APN-Stub\ATU4-V7C\Stbc471ce23-4fe4-4561-8e2b-a5e1474da01f.log, , [e727b4d48c0dcb6baf3d1cf24fb417e9],
PUP.Optional.ASK.Gen, C:\WINDOWS\Temp\APN-Stub\ATU4-V7C\Stbcd01fc6f-58e9-48ea-8bd7-3d3efd10e4a5.log, , [e727b4d48c0dcb6baf3d1cf24fb417e9],
PUP.Optional.ASK.Gen, C:\WINDOWS\Temp\APN-Stub\ATU4-V7C\Stbf8a6c4d7-b939-4726-a3e0-315a03d5da03.log, , [e727b4d48c0dcb6baf3d1cf24fb417e9],

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)

(end)

#12 Příspěvek od **Márty84** » 16 bře 2016 07:25

Vsechny nalezy nechte odstranit, pak MBAM odinstalujte.

Pokud nemate, zazalohujte si radeji dulezita data (fotky, dokumenty, atd.)

Nepouzivejte ComboFix bez predchozi domluvy! Je to poruseni pravidel fora a ztratite tim narok na pomoc!

Stahnete ComboFix http://download.bleepingcomputer.com/sUBs/ComboFix.exe a ulozte ho na plochu.
Vypnete antivir i dalsi pripadne zabezpeceni.
Kliknete na ComboFix pravym mysidlem a levym na Spustit jako spravce
Odsouhlaste licencni podminky a nechte program pracovat. Jestli vam nabidne instalaci Konzoly pro zotaveni, souhlaste.
Po dobu skenu nic nespoustejte, nikam neklikejte.
Po dokonceni skenovani (muze dojit i k restartu pc) by se mel vytvorit log, ktery bude umisteny zde C:\ComboFix.txt
Jeho obsah sem zkopirujte

Kdyby po restartu nenabehl windows, restartujte znovu, mackejte klavesu F8 a zvolte - Posledni znama funkcni konfigurace

Kdyz windows nabehne, ale pri spousteni ruznych programu bude hlasena chyba, staci restartovat pc a bude to v poradku

Andycasnochova · #13 Příspěvek od **Andycasnochova** » 09 dub 2016 17:15

omlouvam se za delsi casovou odmlku, nicmene dneska jsem provedla spusteni te aplikace dle pokynu. Nize uvadim ten vypis z daneho souboru , ktery se mi objevil po restartu notebooku. Dekuji.

ComboFix 16-04-06.01 - Home 09.04.2016 16:54:58.1.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.3692.1876 [GMT 2:00]
Spuštěný z: c:\users\Home\Desktop\ComboFix.exe
AV: ESET Smart Security 8.0 *Disabled/Updated* {19259FAE-8396-A113-46DB-15B0E7DFA289}
FW: ESET Personální firewall *Enabled* {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2}
SP: ESET Smart Security 8.0 *Disabled/Updated* {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\msdownld.tmp
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2016-03-09 do 2016-04-09 )))))))))))))))))))))))))))))))
.
.
2016-04-09 15:53 . 2016-04-09 15:53 -------- d-----w- c:\users\ondřej\AppData\Local\temp
2016-04-08 06:51 . 2016-03-17 01:45 11686560 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{682BCB65-4780-48DC-B3BE-C331351932DD}\mpengine.dll
2016-04-08 06:37 . 2016-04-08 06:59 -------- d-----w- c:\users\ondřej\AppData\Local\Google
2016-03-15 00:02 . 2016-03-15 00:02 2689680 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\VBA\VBA7\VBE7.DLL
2016-03-13 21:30 . 2016-03-13 21:30 -------- d-----w- c:\programdata\Malwarebytes
2016-03-13 20:07 . 2016-03-13 20:12 -------- d-----w- c:\program files (x86)\AdwCleaner
2016-03-13 11:45 . 2016-03-15 12:00 -------- d-----w- c:\program files\trend micro
2016-03-13 11:45 . 2016-03-15 12:00 -------- d-----w- C:\rsit
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2016-04-08 11:59 . 2012-09-16 15:51 797376 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2016-04-08 11:59 . 2012-01-12 14:09 142528 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2016-02-19 19:02 . 2016-03-09 10:53 38336 ----a-w- c:\windows\system32\CompatTelRunner.exe
2016-02-19 18:54 . 2016-03-09 10:53 1168896 ----a-w- c:\windows\system32\aeinv.dll
2016-02-19 14:07 . 2016-03-09 10:53 1373184 ----a-w- c:\windows\system32\appraiser.dll
2016-02-12 18:52 . 2016-03-09 10:56 98816 ----a-w- c:\windows\system32\wudriver.dll
2016-02-12 18:52 . 2016-03-09 10:56 3169792 ----a-w- c:\windows\system32\wucltux.dll
2016-02-12 18:52 . 2016-03-09 10:56 192512 ----a-w- c:\windows\system32\wuwebv.dll
2016-02-12 18:44 . 2016-03-09 10:56 91136 ----a-w- c:\windows\system32\WinSetupUI.dll
2016-02-12 18:39 . 2016-03-09 10:56 174080 ----a-w- c:\windows\SysWow64\wuwebv.dll
2016-02-12 18:22 . 2016-03-09 10:56 2610688 ----a-w- c:\windows\system32\wuaueng.dll
2016-02-12 18:19 . 2016-03-09 10:56 709120 ----a-w- c:\windows\system32\wuapi.dll
2016-02-12 18:18 . 2016-03-09 10:56 37888 ----a-w- c:\windows\system32\wuapp.exe
2016-02-12 18:18 . 2016-03-09 10:56 140288 ----a-w- c:\windows\system32\wuauclt.exe
2016-02-12 18:18 . 2016-03-09 10:56 36864 ----a-w- c:\windows\system32\wups.dll
2016-02-12 18:18 . 2016-03-09 10:56 37888 ----a-w- c:\windows\system32\wups2.dll
2016-02-12 18:18 . 2016-03-09 10:56 12288 ----a-w- c:\windows\system32\wu.upgrade.ps.dll
2016-02-12 18:06 . 2016-03-09 10:56 573440 ----a-w- c:\windows\SysWow64\wuapi.dll
2016-02-12 18:05 . 2016-03-09 10:56 93696 ----a-w- c:\windows\SysWow64\wudriver.dll
2016-02-12 18:05 . 2016-03-09 10:56 30208 ----a-w- c:\windows\SysWow64\wups.dll
2016-02-12 18:05 . 2016-03-09 10:56 35328 ----a-w- c:\windows\SysWow64\wuapp.exe
2016-02-11 18:56 . 2016-03-09 10:55 5572032 ----a-w- c:\windows\system32\ntoskrnl.exe
2016-02-11 18:56 . 2016-03-09 10:55 95680 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2016-02-11 18:56 . 2016-03-09 10:55 154560 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2016-02-11 18:52 . 2016-03-09 10:55 1733592 ----a-w- c:\windows\system32\ntdll.dll
2016-02-11 18:49 . 2016-03-09 10:55 362496 ----a-w- c:\windows\system32\wow64win.dll
2016-02-11 18:49 . 2016-03-09 10:55 243712 ----a-w- c:\windows\system32\wow64.dll
2016-02-11 18:49 . 2016-03-09 10:55 13312 ----a-w- c:\windows\system32\wow64cpu.dll
2016-02-11 18:49 . 2016-03-09 10:55 215040 ----a-w- c:\windows\system32\winsrv.dll
2016-02-11 18:49 . 2016-03-09 10:55 210432 ----a-w- c:\windows\system32\wdigest.dll
2016-02-11 18:49 . 2016-03-09 10:55 86528 ----a-w- c:\windows\system32\TSpkg.dll
2016-02-11 18:49 . 2016-03-09 10:55 135680 ----a-w- c:\windows\system32\sspicli.dll
2016-02-11 18:49 . 2016-03-09 10:55 28672 ----a-w- c:\windows\system32\sspisrv.dll
2016-02-11 18:48 . 2016-03-09 10:55 503808 ----a-w- c:\windows\system32\srcore.dll
2016-02-11 18:48 . 2016-03-09 10:55 50176 ----a-w- c:\windows\system32\srclient.dll
2016-02-11 18:48 . 2016-03-09 10:55 28160 ----a-w- c:\windows\system32\secur32.dll
2016-02-11 18:48 . 2016-03-09 10:55 344064 ----a-w- c:\windows\system32\schannel.dll
2016-02-11 18:48 . 2016-03-09 10:55 1214464 ----a-w- c:\windows\system32\rpcrt4.dll
2016-02-11 18:47 . 2016-03-09 10:55 16384 ----a-w- c:\windows\system32\ntvdm64.dll
2016-02-11 18:45 . 2016-03-09 10:55 312320 ----a-w- c:\windows\system32\ncrypt.dll
2016-02-11 18:45 . 2016-03-09 10:55 315392 ----a-w- c:\windows\system32\msv1_0.dll
2016-02-11 18:45 . 2016-03-09 10:55 60416 ----a-w- c:\windows\system32\msobjs.dll
2016-02-11 18:45 . 2016-03-09 10:55 146432 ----a-w- c:\windows\system32\msaudite.dll
2016-02-11 18:44 . 2016-03-09 10:55 3938240 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2016-02-11 18:44 . 2016-03-09 10:55 3994560 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2016-02-11 18:44 . 2016-03-09 10:55 1461248 ----a-w- c:\windows\system32\lsasrv.dll
2016-02-11 18:44 . 2016-03-09 10:55 422400 ----a-w- c:\windows\system32\KernelBase.dll
2016-02-11 18:44 . 2016-03-09 10:55 730112 ----a-w- c:\windows\system32\kerberos.dll
2016-02-11 18:44 . 2016-03-09 10:55 1163264 ----a-w- c:\windows\system32\kernel32.dll
2016-02-11 18:42 . 2016-03-09 10:55 43520 ----a-w- c:\windows\system32\csrsrv.dll
2016-02-11 18:42 . 2016-03-09 10:55 43520 ----a-w- c:\windows\system32\cryptbase.dll
2016-02-11 18:42 . 2016-03-09 10:55 22016 ----a-w- c:\windows\system32\credssp.dll
2016-02-11 18:41 . 2016-03-09 10:55 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-02-11 18:41 . 2016-03-09 10:55 5120 ---ha-w- c:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-02-11 18:41 . 2016-03-09 10:55 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-02-11 18:41 . 2016-03-09 10:55 4608 ---ha-w- c:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-02-11 18:41 . 2016-03-09 10:55 4096 ---ha-w- c:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-02-11 18:41 . 2016-03-09 10:55 4096 ---ha-w- c:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-02-11 18:41 . 2016-03-09 10:55 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-02-11 18:41 . 2016-03-09 10:55 3584 ---ha-w- c:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-02-11 18:41 . 2016-03-09 10:55 3584 ---ha-w- c:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-02-11 18:41 . 2016-03-09 10:55 3584 ---ha-w- c:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-02-11 18:41 . 2016-03-09 10:55 3584 ---ha-w- c:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-02-11 18:41 . 2016-03-09 10:55 3072 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-02-11 18:41 . 2016-03-09 10:55 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-02-11 18:41 . 2016-03-09 10:55 3072 ---ha-w- c:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-02-11 18:41 . 2016-03-09 10:55 3584 ---ha-w- c:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-02-11 18:41 . 2016-03-09 10:55 3584 ---ha-w- c:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-02-11 18:41 . 2016-03-09 10:55 3584 ---ha-w- c:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-02-11 18:41 . 2016-03-09 10:55 3072 ---ha-w- c:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-02-11 18:41 . 2016-03-09 10:55 3072 ---ha-w- c:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-02-11 18:41 . 2016-03-09 10:55 3072 ---ha-w- c:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-02-11 18:41 . 2016-03-09 10:55 3072 ---ha-w- c:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-02-11 18:41 . 2016-03-09 10:55 3072 ---ha-w- c:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-02-11 18:41 . 2016-03-09 10:55 3072 ---ha-w- c:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-02-11 18:41 . 2016-03-09 10:55 3072 ---ha-w- c:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-02-11 18:41 . 2016-03-09 10:55 3072 ---ha-w- c:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-02-11 18:41 . 2016-03-09 10:55 6656 ----a-w- c:\windows\system32\apisetschema.dll
2016-02-11 18:41 . 2016-03-09 10:55 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-02-11 18:41 . 2016-03-09 10:55 3072 ---ha-w- c:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-02-11 18:41 . 2016-03-09 10:55 3072 ---ha-w- c:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-02-11 18:41 . 2016-03-09 10:55 880128 ----a-w- c:\windows\system32\advapi32.dll
2016-02-11 18:41 . 2016-03-09 10:55 686080 ----a-w- c:\windows\system32\adtschema.dll
2016-02-11 18:41 . 2016-03-09 10:55 1314328 ----a-w- c:\windows\SysWow64\ntdll.dll
2016-02-11 18:38 . 2016-03-09 10:55 665088 ----a-w- c:\windows\SysWow64\rpcrt4.dll
2016-02-11 18:38 . 2016-03-09 10:55 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
2016-02-11 18:38 . 2016-03-09 10:55 5120 ----a-w- c:\windows\SysWow64\wow32.dll
2016-02-11 18:38 . 2016-03-09 10:55 275456 ----a-w- c:\windows\SysWow64\KernelBase.dll
2016-02-11 18:38 . 2016-03-09 10:55 171520 ----a-w- c:\windows\SysWow64\wdigest.dll
2016-02-11 18:38 . 2016-03-09 10:55 65536 ----a-w- c:\windows\SysWow64\TSpkg.dll
2016-02-11 18:37 . 2016-03-09 10:55 43008 ----a-w- c:\windows\SysWow64\srclient.dll
2016-02-11 18:37 . 2016-03-09 10:55 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2016-02-11 18:37 . 2016-03-09 10:55 251392 ----a-w- c:\windows\SysWow64\schannel.dll
2016-02-11 18:35 . 2016-03-09 10:55 223232 ----a-w- c:\windows\SysWow64\ncrypt.dll
2016-02-11 18:35 . 2016-03-09 10:55 259584 ----a-w- c:\windows\SysWow64\msv1_0.dll
2016-02-11 18:35 . 2016-03-09 10:55 60416 ----a-w- c:\windows\SysWow64\msobjs.dll
2016-02-11 18:34 . 2016-03-09 10:55 146432 ----a-w- c:\windows\SysWow64\msaudite.dll
2016-02-11 18:33 . 2016-03-09 10:55 553472 ----a-w- c:\windows\SysWow64\kerberos.dll
2016-02-11 18:31 . 2016-03-09 10:55 17408 ----a-w- c:\windows\SysWow64\credssp.dll
2016-02-11 18:30 . 2016-03-09 10:55 6656 ----a-w- c:\windows\SysWow64\apisetschema.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 131248 ----a-w- c:\users\Home\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 131248 ----a-w- c:\users\Home\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 131248 ----a-w- c:\users\Home\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 131248 ----a-w- c:\users\Home\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ShowBatteryBar"="c:\program files\BatteryBar\ShowBatteryBar.exe" [2009-05-28 89600]
"OfficeSyncProcess"="c:\program files (x86)\Microsoft Office\Office14\MSOSYNC.EXE" [2015-09-02 721504]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2015-12-17 50378880]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2012-11-05 89184]
"Dell Webcam Central"="c:\program files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" [2011-08-12 520330]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
"DivXMediaServer"="c:\program files (x86)\DivX\DivX Media Server\DivXMediaServer.exe" [2014-05-28 455512]
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2014-01-10 1861968]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2011-1-13 1138464]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 ALSysIO;ALSysIO; [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys;c:\windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x]
R3 nmwcdnsux64;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsux64.sys;c:\windows\SYSNATIVE\drivers\nmwcdnsux64.sys [x]
R3 PCDSRVC{1E208CE0-FB7451FF-06020101}_0;PCDSRVC{1E208CE0-FB7451FF-06020101}_0 - PCDR Kernel Mode Service Helper Driver;c:\program files\dell support center\pcdsrvc_x64.pkms;c:\program files\dell support center\pcdsrvc_x64.pkms [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 amd_sata;amd_sata;c:\windows\system32\DRIVERS\amd_sata.sys;c:\windows\SYSNATIVE\DRIVERS\amd_sata.sys [x]
S0 amd_xata;amd_xata;c:\windows\system32\DRIVERS\amd_xata.sys;c:\windows\SYSNATIVE\DRIVERS\amd_xata.sys [x]
S0 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys;c:\windows\SYSNATIVE\DRIVERS\epfwwfp.sys [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]
S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys;c:\windows\SYSNATIVE\DRIVERS\eamonm.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys;c:\windows\SYSNATIVE\DRIVERS\ehdrv.sys [x]
S1 EpfwLWF;Epfw NDIS LightWeight Filter;c:\windows\system32\DRIVERS\EpfwLWF.sys;c:\windows\SYSNATIVE\DRIVERS\EpfwLWF.sys [x]
S2 {329F96B6-DF1E-4328-BFDA-39EA953C1312};Power Control [2012/01/05 14:25];c:\program files (x86)\CyberLink\PowerDVD11\Common\NavFilter\000.fcl;c:\program files (x86)\CyberLink\PowerDVD11\Common\NavFilter\000.fcl [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [x]
S2 CLHNServiceForPowerDVD;CLHNServiceForPowerDVD;c:\program files (x86)\Cyberlink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe;c:\program files (x86)\Cyberlink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe [x]
S2 CyberLink PowerDVD 11.0 Monitor Service;CyberLink PowerDVD 11.0 Monitor Service;c:\program files (x86)\Cyberlink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe;c:\program files (x86)\Cyberlink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe [x]
S2 CyberLink PowerDVD 11.0 Service;CyberLink PowerDVD 11.0 Service;c:\program files (x86)\Cyberlink\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe;c:\program files (x86)\Cyberlink\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe [x]
S2 ntk_PowerDVD;ntk_PowerDVD;c:\program files (x86)\Cyberlink\PowerDVD11\Kernel\DMP\ntk_PowerDVD_64.sys;c:\program files (x86)\Cyberlink\PowerDVD11\Kernel\DMP\ntk_PowerDVD_64.sys [x]
S3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys;c:\windows\SYSNATIVE\DRIVERS\amdiox64.sys [x]
S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 BTWAMPFL;BTWAMPFL;c:\windows\system32\DRIVERS\btwampfl.sys;c:\windows\SYSNATIVE\DRIVERS\btwampfl.sys [x]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x]
S3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys;c:\windows\SYSNATIVE\DRIVERS\CtClsFlt.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys;c:\windows\SYSNATIVE\DRIVERS\usbfilter.sys [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{A6EADE66-0000-0000-484E-7E8A45000000}]
2015-12-18 15:42 286904 ----a-w- c:\program files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll
.
Obsah adresáře 'Naplánované úlohy'
.
2016-04-09 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-09-16 11:59]
.
2016-04-09 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1442193037-2828335503-2539238179-1001Core.job
- c:\users\Home\AppData\Local\Google\Update\GoogleUpdate.exe [2012-11-28 14:13]
.
2016-04-09 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1442193037-2828335503-2539238179-1001UA1cf91637406bf3c.job
- c:\users\Home\AppData\Local\Google\Update\GoogleUpdate.exe [2012-11-28 14:13]
.
2016-04-09 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1442193037-2828335503-2539238179-1001UA1d001d4a833a68d.job
- c:\users\Home\AppData\Local\Google\Update\GoogleUpdate.exe [2012-11-28 14:13]
.
2012-07-25 c:\windows\Tasks\PCDoctorBackgroundMonitorTask-Delay.job
- c:\program files\Dell Support Center\uaclauncher.exe [2012-08-23 05:36]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 164016 ----a-w- c:\users\Home\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 164016 ----a-w- c:\users\Home\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 164016 ----a-w- c:\users\Home\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 164016 ----a-w- c:\users\Home\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2015-07-08 5595848]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: Odeslat obrázek do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odeslat stránku do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {{77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - c:\program files (x86)\ICQ7.7\ICQ.exe
Trusted Zone: seznam.cz\www
TCP: DhcpNameServer = 192.168.10.1
FF - ProfilePath - c:\users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\17d8janp.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - www.seznam.cz
38
38
38
38
38
38
38
38
38
38
38
38
38
38
38
38
38
38
38
38
38
38
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.max-connections - 48
FF - user.js: network.http.max-connections-per-server - 16
FF - user.js: network.http.max-persistent-connections-per-proxy - 16
FF - user.js: network.http.max-persistent-connections-per-server - 8
FF - user.js: browser.turbo.enabled - true
FF - user.js: browser.display.show_image_placeholders - true
FF - user.js: browser.chrome.favicons - false
FF - user.js: browser.urlbar.autocomplete.enabled - true
FF - user.js: browser.cache.memory.capacity - 65536
FF - user.js: content.notify.ontimer - true
FF - user.js: content.interrupt.parsing - true
FF - user.js: content.max.tokenizing.time - 2250000
FF - user.js: content.switch.threshold - 750000
FF - user.js: plugin.expose_full_path - true
FF - user.js: ui.submenuDelay - 0
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
BHO-{41545534-2D56-3743-00A7-7A786E7484D7} - (no file)
ShellIconOverlayIdentifiers-{472083B0-C522-11CF-8763-00608CC02F24} - (no file)
AddRemove-HappyFoto-Designer_is1 - c:\program files (x86)\HappyFoto-Designer\unins000.exe
AddRemove-Totalcmd - c:\totalcmd\tcuninst.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PCDSRVC{1E208CE0-FB7451FF-06020101}_0]
"ImagePath"="\??\c:\program files\dell support center\pcdsrvc_x64.pkms"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\{329F96B6-DF1E-4328-BFDA-39EA953C1312}]
"ImagePath"="\??\c:\program files (x86)\CyberLink\PowerDVD11\Common\NavFilter\000.fcl"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_21_0_0_213_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_21_0_0_213_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_21_0_0_213_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_21_0_0_213_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_21_0_0_213.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.21"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_21_0_0_213.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_21_0_0_213.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_21_0_0_213.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\TeamViewer\TeamViewer_Service.exe
c:\windows\SysWOW64\RunDll32.exe
c:\program files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
.
**************************************************************************
.
Celkový čas: 2016-04-09 18:06:58 - počítač byl restartován
ComboFix-quarantined-files.txt 2016-04-09 16:06
.
Před spuštěním: Volných bajtů: 25 060 667 392
Po spuštění: Volných bajtů: 28 187 492 352
.
- - End Of File - - 0A17A3E2B262024D089A04D6C264BF3C
A36C5E4F47E84449FF07ED3517B43A31

#14 Příspěvek od **Márty84** » 10 dub 2016 07:29

Pri tak dlouhych pauzach nema cisteni smysl, jelikoz za tak dlouhou dobu se tam zase mohlo objevit neco, co uz jsme smazali a je to pak porad dokola

Zopakujte krok s ADWCleanerem

Stahnete AdwCleaner https://toolslib.net/downloads/finish/1/ a ulozte ho na plochu.
Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Kliknete na Scan a pockejte, az kontrola dobehne.
Pak kliknete na Cleaning
Program zacne pracovat (muze dojit k restartu pc) a vyplivne log (pripadne bude zde C:\AdwCleaner\AdwCleaner[C?].txt ). Ten mi sem zkopirujte.

Otevrete si poznamkovy blok a zkopirujte do nej tento skript

Kód: Vybrat vše

KillAll::

Registry::
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"BCSSync"=-
"SunJavaUpdateSched"=-
"DivXUpdate"=-

RegLock::
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

DDS::
IE: {{77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - c:\program files (x86)\ICQ7.7\ICQ.exe
Trusted Zone: seznam.cz\www

Firefox::
FF - ProfilePath - c:\users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\17d8janp.default\
38
38
38
38
38
38
38
38
38
38
38
38
38
38
38
38
38
38
38
38
38
38
FF - user.js: browser.chrome.favicons - false

Driver::
SkypeUpdate

Reboot::

Vlevo nahore kliknete na napis Soubor
Kliknete na napis Ulozit jako...
Napiste spravne ten cerveny nazev CFScript a ulozte na plochu.
Vypnete antivir i dalsi pripadne zabezpeceni.
Pretahntete mysi tento vytvoreny textovy dokument nad ikonu ComboFix a pustte.
ComboFix by se mel spustit a vykonat prikazy.
Az skonci (muze dojit k restartu pc), mel by se objevit novy log, ten mi sem zase zkopirujte.

Kdyby po restartu nenabehl windows, restartujte znovu, mackejte klavesu F8 a zvolte - Posledni znama funkcni konfigurace

Kdyz windows nabehne, ale pri spousteni ruznych programu bude hlasena chyba, staci restartovat pc a bude to v poradku

Andycasnochova · #15 Příspěvek od **Andycasnochova** » 10 dub 2016 10:36

ComboFix 16-04-06.01 - Home 10.04.2016 9:49.2.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.3692.2343 [GMT 2:00]
Spuštěný z: c:\users\Home\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Home\Desktop\CFScript.txt
AV: ESET Smart Security 8.0 *Disabled/Updated* {19259FAE-8396-A113-46DB-15B0E7DFA289}
FW: ESET Personální firewall *Enabled* {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2}
SP: ESET Smart Security 8.0 *Disabled/Updated* {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_SkypeUpdate
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2016-03-10 do 2016-04-10 )))))))))))))))))))))))))))))))
.
.
2016-04-10 08:48 . 2016-04-10 08:48 -------- d-----w- c:\users\TEMP\AppData\Local\temp
2016-04-10 08:48 . 2016-04-10 08:48 -------- d-----w- c:\users\ondřej\AppData\Local\temp
2016-04-10 08:48 . 2016-04-10 08:48 -------- d-----w- c:\users\Default\AppData\Local\temp
2016-04-10 07:28 . 2016-04-10 07:36 -------- d-----w- C:\AdwCleaner
2016-04-09 15:14 . 2016-04-09 15:14 -------- d-----w- c:\users\Home\AppData\Local\CEF
2016-04-08 06:51 . 2016-03-17 01:45 11686560 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{682BCB65-4780-48DC-B3BE-C331351932DD}\mpengine.dll
2016-04-08 06:37 . 2016-04-08 06:59 -------- d-----w- c:\users\ondřej\AppData\Local\Google
2016-03-15 00:02 . 2016-03-15 00:02 2689680 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\VBA\VBA7\VBE7.DLL
2016-03-13 21:30 . 2016-03-13 21:30 -------- d-----w- c:\programdata\Malwarebytes
2016-03-13 20:07 . 2016-03-13 20:12 -------- d-----w- c:\program files (x86)\AdwCleaner
2016-03-13 11:45 . 2016-03-15 12:00 -------- d-----w- c:\program files\trend micro
2016-03-13 11:45 . 2016-03-15 12:00 -------- d-----w- C:\rsit
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2016-04-08 11:59 . 2012-09-16 15:51 797376 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2016-04-08 11:59 . 2012-01-12 14:09 142528 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2016-02-19 19:02 . 2016-03-09 10:53 38336 ----a-w- c:\windows\system32\CompatTelRunner.exe
2016-02-19 18:54 . 2016-03-09 10:53 1168896 ----a-w- c:\windows\system32\aeinv.dll
2016-02-19 14:07 . 2016-03-09 10:53 1373184 ----a-w- c:\windows\system32\appraiser.dll
2016-02-12 18:52 . 2016-03-09 10:56 98816 ----a-w- c:\windows\system32\wudriver.dll
2016-02-12 18:52 . 2016-03-09 10:56 3169792 ----a-w- c:\windows\system32\wucltux.dll
2016-02-12 18:52 . 2016-03-09 10:56 192512 ----a-w- c:\windows\system32\wuwebv.dll
2016-02-12 18:44 . 2016-03-09 10:56 91136 ----a-w- c:\windows\system32\WinSetupUI.dll
2016-02-12 18:39 . 2016-03-09 10:56 174080 ----a-w- c:\windows\SysWow64\wuwebv.dll
2016-02-12 18:22 . 2016-03-09 10:56 2610688 ----a-w- c:\windows\system32\wuaueng.dll
2016-02-12 18:19 . 2016-03-09 10:56 709120 ----a-w- c:\windows\system32\wuapi.dll
2016-02-12 18:18 . 2016-03-09 10:56 37888 ----a-w- c:\windows\system32\wuapp.exe
2016-02-12 18:18 . 2016-03-09 10:56 140288 ----a-w- c:\windows\system32\wuauclt.exe
2016-02-12 18:18 . 2016-03-09 10:56 36864 ----a-w- c:\windows\system32\wups.dll
2016-02-12 18:18 . 2016-03-09 10:56 37888 ----a-w- c:\windows\system32\wups2.dll
2016-02-12 18:18 . 2016-03-09 10:56 12288 ----a-w- c:\windows\system32\wu.upgrade.ps.dll
2016-02-12 18:06 . 2016-03-09 10:56 573440 ----a-w- c:\windows\SysWow64\wuapi.dll
2016-02-12 18:05 . 2016-03-09 10:56 93696 ----a-w- c:\windows\SysWow64\wudriver.dll
2016-02-12 18:05 . 2016-03-09 10:56 30208 ----a-w- c:\windows\SysWow64\wups.dll
2016-02-12 18:05 . 2016-03-09 10:56 35328 ----a-w- c:\windows\SysWow64\wuapp.exe
2016-02-11 18:56 . 2016-03-09 10:55 5572032 ----a-w- c:\windows\system32\ntoskrnl.exe
2016-02-11 18:56 . 2016-03-09 10:55 95680 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2016-02-11 18:56 . 2016-03-09 10:55 154560 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2016-02-11 18:52 . 2016-03-09 10:55 1733592 ----a-w- c:\windows\system32\ntdll.dll
2016-02-11 18:49 . 2016-03-09 10:55 362496 ----a-w- c:\windows\system32\wow64win.dll
2016-02-11 18:49 . 2016-03-09 10:55 243712 ----a-w- c:\windows\system32\wow64.dll
2016-02-11 18:49 . 2016-03-09 10:55 13312 ----a-w- c:\windows\system32\wow64cpu.dll
2016-02-11 18:49 . 2016-03-09 10:55 215040 ----a-w- c:\windows\system32\winsrv.dll
2016-02-11 18:49 . 2016-03-09 10:55 210432 ----a-w- c:\windows\system32\wdigest.dll
2016-02-11 18:49 . 2016-03-09 10:55 86528 ----a-w- c:\windows\system32\TSpkg.dll
2016-02-11 18:49 . 2016-03-09 10:55 135680 ----a-w- c:\windows\system32\sspicli.dll
2016-02-11 18:49 . 2016-03-09 10:55 28672 ----a-w- c:\windows\system32\sspisrv.dll
2016-02-11 18:48 . 2016-03-09 10:55 503808 ----a-w- c:\windows\system32\srcore.dll
2016-02-11 18:48 . 2016-03-09 10:55 50176 ----a-w- c:\windows\system32\srclient.dll
2016-02-11 18:48 . 2016-03-09 10:55 28160 ----a-w- c:\windows\system32\secur32.dll
2016-02-11 18:48 . 2016-03-09 10:55 344064 ----a-w- c:\windows\system32\schannel.dll
2016-02-11 18:48 . 2016-03-09 10:55 1214464 ----a-w- c:\windows\system32\rpcrt4.dll
2016-02-11 18:47 . 2016-03-09 10:55 16384 ----a-w- c:\windows\system32\ntvdm64.dll
2016-02-11 18:45 . 2016-03-09 10:55 312320 ----a-w- c:\windows\system32\ncrypt.dll
2016-02-11 18:45 . 2016-03-09 10:55 315392 ----a-w- c:\windows\system32\msv1_0.dll
2016-02-11 18:45 . 2016-03-09 10:55 60416 ----a-w- c:\windows\system32\msobjs.dll
2016-02-11 18:45 . 2016-03-09 10:55 146432 ----a-w- c:\windows\system32\msaudite.dll
2016-02-11 18:44 . 2016-03-09 10:55 3938240 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2016-02-11 18:44 . 2016-03-09 10:55 3994560 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2016-02-11 18:44 . 2016-03-09 10:55 1461248 ----a-w- c:\windows\system32\lsasrv.dll
2016-02-11 18:44 . 2016-03-09 10:55 422400 ----a-w- c:\windows\system32\KernelBase.dll
2016-02-11 18:44 . 2016-03-09 10:55 730112 ----a-w- c:\windows\system32\kerberos.dll
2016-02-11 18:44 . 2016-03-09 10:55 1163264 ----a-w- c:\windows\system32\kernel32.dll
2016-02-11 18:42 . 2016-03-09 10:55 43520 ----a-w- c:\windows\system32\csrsrv.dll
2016-02-11 18:42 . 2016-03-09 10:55 43520 ----a-w- c:\windows\system32\cryptbase.dll
2016-02-11 18:42 . 2016-03-09 10:55 22016 ----a-w- c:\windows\system32\credssp.dll
2016-02-11 18:41 . 2016-03-09 10:55 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-02-11 18:41 . 2016-03-09 10:55 5120 ---ha-w- c:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-02-11 18:41 . 2016-03-09 10:55 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-02-11 18:41 . 2016-03-09 10:55 4608 ---ha-w- c:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-02-11 18:41 . 2016-03-09 10:55 4096 ---ha-w- c:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-02-11 18:41 . 2016-03-09 10:55 4096 ---ha-w- c:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-02-11 18:41 . 2016-03-09 10:55 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-02-11 18:41 . 2016-03-09 10:55 3584 ---ha-w- c:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-02-11 18:41 . 2016-03-09 10:55 3584 ---ha-w- c:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-02-11 18:41 . 2016-03-09 10:55 3584 ---ha-w- c:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-02-11 18:41 . 2016-03-09 10:55 3584 ---ha-w- c:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-02-11 18:41 . 2016-03-09 10:55 3072 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-02-11 18:41 . 2016-03-09 10:55 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-02-11 18:41 . 2016-03-09 10:55 3072 ---ha-w- c:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-02-11 18:41 . 2016-03-09 10:55 3584 ---ha-w- c:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-02-11 18:41 . 2016-03-09 10:55 3584 ---ha-w- c:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-02-11 18:41 . 2016-03-09 10:55 3584 ---ha-w- c:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-02-11 18:41 . 2016-03-09 10:55 3072 ---ha-w- c:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-02-11 18:41 . 2016-03-09 10:55 3072 ---ha-w- c:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-02-11 18:41 . 2016-03-09 10:55 3072 ---ha-w- c:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-02-11 18:41 . 2016-03-09 10:55 3072 ---ha-w- c:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-02-11 18:41 . 2016-03-09 10:55 3072 ---ha-w- c:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-02-11 18:41 . 2016-03-09 10:55 3072 ---ha-w- c:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-02-11 18:41 . 2016-03-09 10:55 3072 ---ha-w- c:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-02-11 18:41 . 2016-03-09 10:55 3072 ---ha-w- c:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-02-11 18:41 . 2016-03-09 10:55 6656 ----a-w- c:\windows\system32\apisetschema.dll
2016-02-11 18:41 . 2016-03-09 10:55 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-02-11 18:41 . 2016-03-09 10:55 3072 ---ha-w- c:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-02-11 18:41 . 2016-03-09 10:55 3072 ---ha-w- c:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-02-11 18:41 . 2016-03-09 10:55 880128 ----a-w- c:\windows\system32\advapi32.dll
2016-02-11 18:41 . 2016-03-09 10:55 686080 ----a-w- c:\windows\system32\adtschema.dll
2016-02-11 18:41 . 2016-03-09 10:55 1314328 ----a-w- c:\windows\SysWow64\ntdll.dll
2016-02-11 18:38 . 2016-03-09 10:55 665088 ----a-w- c:\windows\SysWow64\rpcrt4.dll
2016-02-11 18:38 . 2016-03-09 10:55 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
2016-02-11 18:38 . 2016-03-09 10:55 5120 ----a-w- c:\windows\SysWow64\wow32.dll
2016-02-11 18:38 . 2016-03-09 10:55 275456 ----a-w- c:\windows\SysWow64\KernelBase.dll
2016-02-11 18:38 . 2016-03-09 10:55 171520 ----a-w- c:\windows\SysWow64\wdigest.dll
2016-02-11 18:38 . 2016-03-09 10:55 65536 ----a-w- c:\windows\SysWow64\TSpkg.dll
2016-02-11 18:37 . 2016-03-09 10:55 43008 ----a-w- c:\windows\SysWow64\srclient.dll
2016-02-11 18:37 . 2016-03-09 10:55 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2016-02-11 18:37 . 2016-03-09 10:55 251392 ----a-w- c:\windows\SysWow64\schannel.dll
2016-02-11 18:35 . 2016-03-09 10:55 223232 ----a-w- c:\windows\SysWow64\ncrypt.dll
2016-02-11 18:35 . 2016-03-09 10:55 259584 ----a-w- c:\windows\SysWow64\msv1_0.dll
2016-02-11 18:35 . 2016-03-09 10:55 60416 ----a-w- c:\windows\SysWow64\msobjs.dll
2016-02-11 18:34 . 2016-03-09 10:55 146432 ----a-w- c:\windows\SysWow64\msaudite.dll
2016-02-11 18:33 . 2016-03-09 10:55 553472 ----a-w- c:\windows\SysWow64\kerberos.dll
2016-02-11 18:31 . 2016-03-09 10:55 17408 ----a-w- c:\windows\SysWow64\credssp.dll
2016-02-11 18:30 . 2016-03-09 10:55 6656 ----a-w- c:\windows\SysWow64\apisetschema.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 131248 ----a-w- c:\users\Home\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 131248 ----a-w- c:\users\Home\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 131248 ----a-w- c:\users\Home\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 131248 ----a-w- c:\users\Home\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ShowBatteryBar"="c:\program files\BatteryBar\ShowBatteryBar.exe" [2009-05-28 89600]
"OfficeSyncProcess"="c:\program files (x86)\Microsoft Office\Office14\MSOSYNC.EXE" [2015-09-02 721504]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Dell Webcam Central"="c:\program files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" [2011-08-12 520330]
"DivXMediaServer"="c:\program files (x86)\DivX\DivX Media Server\DivXMediaServer.exe" [2014-05-28 455512]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2011-1-13 1138464]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 ALSysIO;ALSysIO; [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys;c:\windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x]
R3 nmwcdnsux64;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsux64.sys;c:\windows\SYSNATIVE\drivers\nmwcdnsux64.sys [x]
R3 PCDSRVC{1E208CE0-FB7451FF-06020101}_0;PCDSRVC{1E208CE0-FB7451FF-06020101}_0 - PCDR Kernel Mode Service Helper Driver;c:\program files\dell support center\pcdsrvc_x64.pkms;c:\program files\dell support center\pcdsrvc_x64.pkms [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 amd_sata;amd_sata;c:\windows\system32\DRIVERS\amd_sata.sys;c:\windows\SYSNATIVE\DRIVERS\amd_sata.sys [x]
S0 amd_xata;amd_xata;c:\windows\system32\DRIVERS\amd_xata.sys;c:\windows\SYSNATIVE\DRIVERS\amd_xata.sys [x]
S0 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys;c:\windows\SYSNATIVE\DRIVERS\epfwwfp.sys [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]
S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys;c:\windows\SYSNATIVE\DRIVERS\eamonm.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys;c:\windows\SYSNATIVE\DRIVERS\ehdrv.sys [x]
S1 EpfwLWF;Epfw NDIS LightWeight Filter;c:\windows\system32\DRIVERS\EpfwLWF.sys;c:\windows\SYSNATIVE\DRIVERS\EpfwLWF.sys [x]
S2 {329F96B6-DF1E-4328-BFDA-39EA953C1312};Power Control [2012/01/05 14:25];c:\program files (x86)\CyberLink\PowerDVD11\Common\NavFilter\000.fcl;c:\program files (x86)\CyberLink\PowerDVD11\Common\NavFilter\000.fcl [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [x]
S2 CLHNServiceForPowerDVD;CLHNServiceForPowerDVD;c:\program files (x86)\Cyberlink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe;c:\program files (x86)\Cyberlink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe [x]
S2 CyberLink PowerDVD 11.0 Monitor Service;CyberLink PowerDVD 11.0 Monitor Service;c:\program files (x86)\Cyberlink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe;c:\program files (x86)\Cyberlink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe [x]
S2 CyberLink PowerDVD 11.0 Service;CyberLink PowerDVD 11.0 Service;c:\program files (x86)\Cyberlink\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe;c:\program files (x86)\Cyberlink\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe [x]
S2 ntk_PowerDVD;ntk_PowerDVD;c:\program files (x86)\Cyberlink\PowerDVD11\Kernel\DMP\ntk_PowerDVD_64.sys;c:\program files (x86)\Cyberlink\PowerDVD11\Kernel\DMP\ntk_PowerDVD_64.sys [x]
S3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys;c:\windows\SYSNATIVE\DRIVERS\amdiox64.sys [x]
S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 BTWAMPFL;BTWAMPFL;c:\windows\system32\DRIVERS\btwampfl.sys;c:\windows\SYSNATIVE\DRIVERS\btwampfl.sys [x]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x]
S3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys;c:\windows\SYSNATIVE\DRIVERS\CtClsFlt.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys;c:\windows\SYSNATIVE\DRIVERS\usbfilter.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{A6EADE66-0000-0000-484E-7E8A45000000}]
2015-12-18 15:42 286904 ----a-w- c:\program files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll
.
Obsah adresáře 'Naplánované úlohy'
.
2016-04-10 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-09-16 11:59]
.
2016-04-10 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1442193037-2828335503-2539238179-1001Core.job
- c:\users\Home\AppData\Local\Google\Update\GoogleUpdate.exe [2012-11-28 14:13]
.
2016-04-10 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1442193037-2828335503-2539238179-1001UA1cf91637406bf3c.job
- c:\users\Home\AppData\Local\Google\Update\GoogleUpdate.exe [2012-11-28 14:13]
.
2016-04-10 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1442193037-2828335503-2539238179-1001UA1d001d4a833a68d.job
- c:\users\Home\AppData\Local\Google\Update\GoogleUpdate.exe [2012-11-28 14:13]
.
2012-07-25 c:\windows\Tasks\PCDoctorBackgroundMonitorTask-Delay.job
- c:\program files\Dell Support Center\uaclauncher.exe [2012-08-23 05:36]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 164016 ----a-w- c:\users\Home\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 164016 ----a-w- c:\users\Home\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 164016 ----a-w- c:\users\Home\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 164016 ----a-w- c:\users\Home\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2015-07-08 5595848]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: Odeslat obrázek do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odeslat stránku do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {{77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - c:\program files (x86)\ICQ7.7\ICQ.exe
TCP: DhcpNameServer = 192.168.10.1
FF - ProfilePath - c:\users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\17d8janp.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - www.seznam.cz
38
38
38
38
38
38
38
38
38
38
38
38
38
38
38
38
38
38
38
38
38
38
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.max-connections - 48
FF - user.js: network.http.max-connections-per-server - 16
FF - user.js: network.http.max-persistent-connections-per-proxy - 16
FF - user.js: network.http.max-persistent-connections-per-server - 8
FF - user.js: browser.turbo.enabled - true
FF - user.js: browser.display.show_image_placeholders - true
FF - user.js: browser.urlbar.autocomplete.enabled - true
FF - user.js: browser.cache.memory.capacity - 65536
FF - user.js: content.notify.ontimer - true
FF - user.js: content.interrupt.parsing - true
FF - user.js: content.max.tokenizing.time - 2250000
FF - user.js: content.switch.threshold - 750000
FF - user.js: plugin.expose_full_path - true
FF - user.js: ui.submenuDelay - 0
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
BHO-{41545534-2D56-3743-00A7-7A786E7484D7} - (no file)
ShellIconOverlayIdentifiers-{472083B0-C522-11CF-8763-00608CC02F24} - (no file)
AddRemove-HappyFoto-Designer_is1 - c:\program files (x86)\HappyFoto-Designer\unins000.exe
AddRemove-Totalcmd - c:\totalcmd\tcuninst.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PCDSRVC{1E208CE0-FB7451FF-06020101}_0]
"ImagePath"="\??\c:\program files\dell support center\pcdsrvc_x64.pkms"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\{329F96B6-DF1E-4328-BFDA-39EA953C1312}]
"ImagePath"="\??\c:\program files (x86)\CyberLink\PowerDVD11\Common\NavFilter\000.fcl"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_21_0_0_213_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_21_0_0_213_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\TeamViewer\TeamViewer_Service.exe
c:\windows\SysWOW64\RunDll32.exe
c:\program files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
.
**************************************************************************
.
Celkový čas: 2016-04-10 11:02:17 - počítač byl restartován
ComboFix-quarantined-files.txt 2016-04-10 09:02
ComboFix2.txt 2016-04-09 16:07
.
Před spuštěním: Volných bajtů: 29 009 850 368
Po spuštění: Volných bajtů: 28 049 006 592
.
- - End Of File - - BE5D994C27EADD8AAA405E2CD266BBC4
A36C5E4F47E84449FF07ED3517B43A31

VIRY.CZ

vyzva ke změně hesla seznam

vyzva ke změně hesla seznam

Re: vyzva ke změně hesla seznam

Re: vyzva ke změně hesla seznam

Re: vyzva ke změně hesla seznam

Re: vyzva ke změně hesla seznam

Re: vyzva ke změně hesla seznam

Re: vyzva ke změně hesla seznam

Re: vyzva ke změně hesla seznam

Re: vyzva ke změně hesla seznam

Re: vyzva ke změně hesla seznam

Re: vyzva ke změně hesla seznam

Re: vyzva ke změně hesla seznam

Re: vyzva ke změně hesla seznam

Re: vyzva ke změně hesla seznam

Re: vyzva ke změně hesla seznam